Massive data breach a 'national security risk'
Three million Swedes may have had their medical journals available to prying eyes, after a large-scale IT failure affected patients in Stockholm and Gotland.
The Dagens Nyheter (DN) newspaper, which made the discovery, reported on Wednesday that there were signs that intruders had tried to access medical journals.
The medical log system Take Care, which is used by hospitals and general practices both in Stockholm County and on the island of Gotland, experienced several technical malfunctions this past summer. Several journals were simply connected straight to the internet without a firewall on the central servers, several sources told DN.
The security lapse persisted for eight months, allowing outsiders to access the system. While sources told the newspaper that there were signs of attempted breaches, Stockholm County deputy administrative head Anders Nyström demented the claim.
"There are no indications that someone without the right to access the information has gained entry to any sensitive information," he told DN. The county has asked three independent consultants to examine the breach and report back.
Not all observers were equally sanguine about the news.
"This puts national security at risk," said the Swedish Medical Association's (Läkarförbundet) IT expert Rikard Lövström.
"For eight months, anybody could have waded into any patient journal, probably even including people in the royal family and other people who lead the country."
Comments
See Also
The Dagens Nyheter (DN) newspaper, which made the discovery, reported on Wednesday that there were signs that intruders had tried to access medical journals.
The medical log system Take Care, which is used by hospitals and general practices both in Stockholm County and on the island of Gotland, experienced several technical malfunctions this past summer. Several journals were simply connected straight to the internet without a firewall on the central servers, several sources told DN.
The security lapse persisted for eight months, allowing outsiders to access the system. While sources told the newspaper that there were signs of attempted breaches, Stockholm County deputy administrative head Anders Nyström demented the claim.
"There are no indications that someone without the right to access the information has gained entry to any sensitive information," he told DN. The county has asked three independent consultants to examine the breach and report back.
Not all observers were equally sanguine about the news.
"This puts national security at risk," said the Swedish Medical Association's (Läkarförbundet) IT expert Rikard Lövström.
"For eight months, anybody could have waded into any patient journal, probably even including people in the royal family and other people who lead the country."
Join the conversation in our comments section below. Share your own views and experience and if you have a question or suggestion for our journalists then email us at [email protected].
Please keep comments civil, constructive and on topic – and make sure to read our terms of use before getting involved.
Please log in here to leave a comment.