An enormous database, containing millions of highly sensitive information on Swedish citizens, was sitting on the open internet, available for anyone who knew where to look.
Cybernews researchers recently uncovered a misconfigured Elasticsearch server which they described as a “goldmine of business intelligence data”, containing hundreds of millions of highly detailed records belonging to Swedish individuals and organizations. It was attributed it to a business intelligence specialist, but the company denied having anything to do with the archive.
Read more…
Source: TechRadar News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Instagram says there’s been ‘no breach’ despite password reset requests
January 11, 2026
Instagram says that although some users received suspicious-looking password reset requests, it has not been breached. That seemingly contradicts a Friday Bluesky post from antivirus software company Malwarebytes, which shared a screenshot of an email from Instagram informing users of a request to reset their password. The post claimed, “Cybercriminals stole the sensitive information of 17.5 ...
- UK government exempting itself from flagship cyber law inspires little confidence
January 10, 2026
From May’s cyberattack on the Legal Aid Agency to the Foreign Office breach months later, cyber incidents have become increasingly common in UK government. The scale extends far beyond these high-profile cases: the NCSC reports that 40 percent of attacks it managed between September 2020 and August 2021 targeted the public sector, a figure expected to ...
- Illinois health department exposed over 700,000 residents’ personal data for years
January 8, 2026
The health department for the U.S. state of Illinois has confirmed that a years-long security lapse exposed the personal information of more than 700,000 state residents. The Illinois Department of Human Services (IDHS) said in a statement on January 2 that an internal mapping website containing residents’ personal information, which officials used for assisting with the ...
- One million customers on alert as extortion group claims massive Brightspeed data haul
January 7, 2026
US fiber broadband company Brightspeed is investigating claims by the Crimson Collective extortion group that it stole sensitive data belonging to more than 1 million residential customers, including extensive personally identifiable information (PII), as well as account and billing details. Brightspeed is one of the largest fiber broadband providers in the US and serves customers across ...
- Hacktivist deletes white supremacist websites live onstage during hacker conference
January 5, 2026
A hacktivist remotely wiped three white supremacist websites live onstage during their talk at a hacker conference last week, with the sites yet to return online. The pseudonymous hacker, who goes by Martha Root — dressed as Pink Ranger from the Power Rangers — deleted the servers of WhiteDate, WhiteChild, and WhiteDeal in real time ...
- Cybercrook claims to be selling infrastructure info about three major US utilities
January 2, 2026
A cybercrook claims to have breached Pickett and Associates, a Florida-based engineering firm whose clients include major US utilities, and is selling what they claim to be about 139 GB of engineering data about Tampa Electric Company, Duke Energy Florida, and American Electric Power. The price is 6.5 bitcoin, which amounts to about $585,000. Based in ...