07:44 GMT +324 October 2018
Listen Live
    Telenor's logo is seen in central Belgrade, Serbia, March 21, 2018

    Personal Data of Over 100,000 Swedes Leak to Norway in Major IT Breach

    © REUTERS / Marko Djurica
    Europe
    Get short URL
    0 17

    Using processes not permitted in Sweden, the Norwegian telecom giant gained access to sensitive information from the Swedish Tax Agency, including users' place of residence and earnings.

    Norwegian telecom company Telenor has been reported to Sweden's Data Protection Authority after it erroneously collected the personal data of between 120,000 and 140,000 Swedish customers without permission, the Swedish daily Dagens Nyheter reported.

    Telenor's Swedish subcontractor Identitrade AB turned out to have access to information held by the Swedish Tax Agency when customers logged to their Tax Agency account via Telenor's site using digital ID. The information the company gained access to included where users live and how much they earn.

    According to Swedish Tax Agency head of security Pär Rylander, the process used in accessing personal data was not permitted.

    "It's not allowed to do this stuff and you're not really expected to do it. It's an unchecked secondary login. As a citizen, you give a private actor access to information about you," Pär Rylander explained.

    READ MORE: Money, Money, Money: Sweden to Become World's First Cashless Society by 2023

    Having discovered the slip-up, the Swedish Tax Agency immediately blocked the secondary log-in process. By then, however, around 140,000 people in the Scandinavian nation of 10 million were already affected. Telenor's own estimate put the number of victims somewhat lower, at 120,000.

    Rylander said an investigation was ongoing, stressing that the incident could be a sign that companies other than Telenor have used this service.

    Identitrade CEO Philip Hallenborg admitted using the data from the Tax Agency.

    "We have a service that utilizes the Swedish Tax Agency's website in a way they do not like," he said.

    Telenor communications manager Aron Samuelsson confirmed the incident, admitting that his company had used the secondary log-in system to verify customers in their online payment system, but erroneously took in more information than necessary. At the same time, he insisted that the personal data hasn't been spread to other parties.

    Telenor ASA is a Norwegian multinational telecommunications company headquartered in Fornebu, Bærum, close to Oslo. With about 35,000 employees, it is one of the world's largest telecom companies with worldwide operations focusing on Scandinavia, Eastern Europe and Asia. It is the third-largest company listed on the Oslo stock exchange after DNB and Equinor (formerly known as Statoil).

    READ MORE: Norwegians Baffled as Oil Giant Drops 'Oil' in Push for Environment, Diversity

    Telenor started off in 1855 as a state-operated monopoly provider of telegraph services and the Norwegian state remains the majority shareholder.

    Related:

    Norwegians Baffled as Oil Giant Drops 'Oil' in Push for Environment, Diversity
    More of 'Big Brother', Please! 9 in 10 Swedes Want More Camera Surveillance
    Money, Money, Money: Sweden to Become World's First Cashless Society by 2023
    'Swish for Migrants' One of Sweden's 'Fastest-Growing Companies'
    Not All Size Matters: Minuscule Finnish Municipality to Test Own Currency
    Tags:
    data leak, digital economy, IT, Telenor, Scandinavia, Sweden, Norway
    Community standardsDiscussion
    Comment via FacebookComment via Sputnik
    • Сomment