Sweden's Largest-Ever Hack Hits Politicians and Journalists
The login credentials of 180,000 Swedish citizens were exposed in a hacking scandal that experts are calling the single largest data breach in the country's history.
The account passwords associated with about 60 websites hosted on Blogtoppen.se, a popular Swedish blogging platform, were made public, resulting in the exposure of the estimated 180,000 individual passwords, according to The Local, an English-language news publication based in Sweden.
The leaked credentials include the email addresses of 79 members of Sweden's Moderate Party, 50 Liberal Party members and many prominent journalists.
Jimmy Holmlund, the operator of Bloggtoppen, confirmed to The Local that the site was hacked and has been shut down.
A message converted into English from Swedish on Bloggtoppen.se reads: "Blog Top is closed until further notice due to system maintenance alleged hacking. Unknown perpetrators have come across the user database with user names, email addresses and hashed passwords, which means that if you, the user has used the same login information for other services on the Web likely these accounts to be hijacked."
The security firm Kaspersky Lab reported that the credentials were made public via the Twitter account of William Petzäll, who left the Moderate Party in September to become an independent member of parliament. Petzäll is currently battling an addiction to alcohol and prescription drugs, the Local said, and was recently committed involuntarily to the hospital.
Petzäll's lawyer said the troubled lawmaker is not responsible for publishing the leaked data and that his Twitter account was hijacked. (Coincidentally, another member of parliament, Josef Fransson, had his Twitter feed hacked Tuesday; a message on his feed yesterday Oct. 26 said that Petzäll's Twitter account was not hacked, according to the Swedish paper Expressen.
The Local said that a user named "Sc3a5j first posted information about the breached blog user names and passwords on Twitter in August, but it wasn't until Petzäll alerted the public on his Twitter feed that people took notice.