The City of Helsinki is working with Finland’s National Cyber Security Centre and the National Bureau of Investigation to pinpoint the culprits responsible for hacking into a remote server managed by the municipality.
The attack led to a massive breach of a City of Helsinki (CoH) database, prompting the Finnish government to order municipalities to conduct stress and risk assessments on primary IT networks to identify vulnerabilities from cyber threats. The increase in cyber attacks in Nordic countries this year has raised concerns, leading to discussions among governments about joint solutions to combat such incidents and enhance data security for public and private organizations.
In response to the cyber attack that targeted the municipality’s Education Resource Division (ERD) in April 2024, efforts were made to investigate and address the issue. The hackers exploited an outdated remote access server to access sensitive personal data, leading to the theft of millions of documents. However, the investigation determined that the stolen data has not been misused or sold on the dark web.
The breach also revealed that the CoH had failed to implement a software patch to prevent data breaches on the vulnerable server prior to the attack. As a result, personal information linked to children, parents, and guardians, including passport numbers, was compromised. The city is now working on rebuilding its IT database security to comply with General Data Protection Regulation (GDPR) requirements.
The attack on the CoH is considered one of the most severe breaches experienced by a municipality in Finland, resulting in the theft of case files for thousands of individuals. Additionally, the incident has spurred the Finnish government to introduce new legislation that would penalize municipalities for failing to protect personal data.
Despite the ongoing investigation into the security weaknesses that enabled the attack, the CoH may not face retroactive fines if found to have neglected adequate data security measures. The rise in data breach reports in Finland has highlighted the importance of implementing stronger cybersecurity measures in both public and private organizations.
The National Bureau of Investigation has identified Russia and China as the main sources of cyber threats against Finnish and Nordic targets. Russia, in particular, has been suspected of carrying out cyber attacks and breaches against various organizations in the region since 2022.
Overall, the incident has underscored the need for robust cybersecurity measures and continuous improvement to protect against cyber threats in an increasingly digital society.