Jake Saunders, Editor
Swedish authorities have opened an investigation into a possible breach of the country’s e-government system, raising concerns over the exposure of sensitive information and citizens’ personal data.
A hacker group known as ByteToBreach claimed responsibility for the attack, announcing the breach on the dark web early Thursday. The group reportedly shared files said to be taken from the Swedish branch of the global IT services firm CGI Group. These materials allegedly include source code related to Sweden’s e-government platform, internal staff databases, configuration files, and other technical data. ByteToBreach even claimed to possess “citizen databases” and “electronic signature documents,” which it offered for sale online.
Sweden’s CERT-SE (National Center for Cyber Incidents) confirmed that it is analyzing the leaked data. Officials stated that multiple agencies are working together to assess the damage and potential risks. Swedish Minister of Civil Defense Carl-Oskar Bohlin said the government remains in close contact with relevant bodies, including CERT-SE and the National Cybersecurity Center, as the investigation continues.
CGI, meanwhile, has attempted to minimize the significance of the incident. Company spokesperson Agneta Hansson told local media that no live systems or customer production environments were affected. According to the company, the intrusion only involved two internal test servers in Sweden and older versions of an application’s source code.
However, independent cybersecurity experts have cautioned that the exposure of source code—even if outdated—could still have lasting repercussions. They noted that malicious actors might study the leaked materials to identify weaknesses and mount further attacks in the future.
From Taiwan’s perspective, this case underscores the growing risks faced by governments that rely heavily on digital platforms for public services. It serves as a reminder of the need for continuous vigilance, stronger cyber defenses, and coordinated responses among government agencies and private-sector partners to safeguard sensitive national data.
