SAS Scandinavian Airlines’ App Compromised by a Cyberattack

February 14, 2024

SAS Scandinavian Airlines was hit by a cyber attack on February 14th, compromising its app. The airline was said to be working on a solution, with reports saying that the problem was fixed to a large extent. Still, SAS warned that the attack may have targeted customer data following the breach.

read more

Akira Group Attacks Finnish Tietoevry Causing Disruption Across Swedish Businesses

January 19, 2024

Finnish IT services and enterprise cloud hosting provider Tietoevry has suffered an Akira ransomware attack impacting cloud hosting customers in one of its data centers in Sweden. The attack encrypted the company’s virtualization and management servers used to host the websites or applications for a wide range of businesses in Sweden.

Companies impacted by the attack: Sweden’s largest cinema chain, Filmstaden, discount retail chain Rusta, raw building materials provider Moelven, farming supplier Grangnården, Tietoevry’s managed Payroll and HR system, Primula (used by the government, universities, and colleges in Sweden), numerous government agencies and municipalities.

read more

Attack on Swedish medical technology provider disrupts municipal British ambulance services.

July 18, 2023

Attack on Swedish medical technology provider disrupts municipal British ambulance services.
Swedish healthcare and medical technology provider Ortivus disclosed a cyber incident that took place on July 18, which affected UK customers using their cloud-hosted MobiMed ePR electronic patient record system. The UK National Health Service (NHS) confirmed the intrusion impacted the ambulance services in several parts of the country, preventing access to patient medical histories by ambulance crews.

read more

Website Outage and Passenger Data Breach at Scandinavian Airlines

February 14, 2023

A recent multi-hour outage of Scandinavian Airlines (SAS) website and mobile app was caused by a cyberattack. The cyberattack caused passenger data to become visible to other passengers. This data includes contact details, previous and upcoming flights, as well the last four digits of the credit card number.

read more

Hackers Demand $3M from Scandinavian Airlines (SAS)

May 24, 2023

The hacker group “Anonymous Sudan” has made an unexpected demand of $3 million from Scandinavian Airlines (SAS) in order to halt distributed denial-of-service attacks (DDoS) that have been targeting the airline’s websites since February. Despite initially presenting themselves as politically-motivated hacktivists, the group appears to be resorting to using extortion tactics for financial gain.

On Monday, 29 May, Anonymous Sudan shared a ransom note on its Telegram channel claiming that SAS and its services have been paralyzed for more than five days. The company has responded to user complaints on Facebook, acknowledging an issue with its website and assuring customers that SAS is “working to resolve it quickly.” SAS did not respond to The Record’s inquiries.

Meanwhile, Anonymous Sudan continues to escalate their demands, raising their initial price from $3,500 to a staggering $3 million. Anonymous Sudan first began targeting SAS in February, knocking its website offline and exposing some user data. Some customers who attempted to log in to the SAS mobile app were sent to others’ accounts and had access to their contact information and itineraries. The group blamed the burning of a Quran during demonstrations in January protests in Stockholm for motivating the attacks.

Anonymous Sudan followed up the incident with cyberattacks on Sweden’s national public television broadcaster, German airports, Danish hospitals, as well as Israeli banks, news websites, and, most recently, a missile warning system.

read more

Data breach at Scandinavian Airlines

February 14, 2023

Scandinavian Airlines (SAS) has posted a notice warning a cyberattack caused some form of a malfunction on the airline’s online system. The attack caused passenger data to become visible to other passengers. This data includes contact details, previous and upcoming flights, as well the last four digits of the credit card number.

The attack on SAS was claimed by a group of so-called hacktivists called ‘Anonymous Sudan’. The hackers stated they attacked SAS due to an event that took place in front of the Turkish embassy in Stockholm, Sweden.

read more

R&D Data Breach at Volvo Cars

November 30, 2021

Car company Volvo suffered a cyberattack on some of its research and development property, the manufacturer said in a press release. Volvo Cars said “it could impact the company’s operation”, but did not specify what that might be.

In a statement published on the dark web on the evening of November 30, the Snatch ransomware gang said it had attacked the Volvo Car Corporation (VCC). Snatch published screenshots of allegedly stolen data from the Volvo hack on a Darknet website viewed by inside-it.ch.

read more

Hacker Allegedly Sells Sensitive Data from Volvo

December 28, 2022

A threat actor is allegedly selling sensitive data, including information on vehicles the company sells to law enforcement.
Somebody has posted an ad on a popular hacking forum, claiming they are selling sensitive data of the Swedish manufacturing giant Volvo.

The threat actor behind insists that the company fell victim to a ransomware attack in late December. However, the attacker decided to sell the data instead, being convinced that Volvo would not pay the ransom. The relatively modest price set for the dataset signals the information might not be as sensitive.

read more

Sweden’s Largest Supermarket Chain Closes Stores in Ransomware Attack

July 2, 2021

Coop, one of Sweden’s largest supermarket store chains, has shut down nearly 800 stores across the country after one of its contractors was hit by ransomware in the aftermath of the Kaseya security incident on Friday. The stores were closed after cash registers and self-serving stations went down and prevented Coop employees from processing in-store payments. Stores remained closed for two days.
The incident took place at the same time that a ransomware gang managed to infiltrate its way into the network of Kaseya, a provider of remote management app solutions, and deployed a version of the REvil ransomware to some of Kaseya’s customers, disguised as an update to the VSA software.

read more

Axis Communications Hit in Cyberattack

February 19, 2022

Axis Communications, a Swedish maker of network cameras and other physical security solutions used by government and private sector organizations globally, suffered a cyberattack earlier this month that disrupted its operations, company officials said.
“On the night between Saturday February 19 and Sunday February 20, Axis was the subject of a cyberattack. Using several combinations of social engineering, attackers were able to sign in as a user despite protective mechanisms such as multi-factor authentication,” company officials said in an advisory posted.
“Inside, the attackers used advanced methods to elevate their access and eventually gain access to directory services.”

read more