- A database containing complete behavior and financial profiles of people and companies were left without a guarantee online
- The researchers claim that it belongs to a Danish Fintech company
- The firm denies having something to do with the file
A huge database, which contains millions of highly confidential information about Swedish citizens, was sitting on the internet open, available for anyone who knew where to look.
Cybernews Recently, the researchers discovered a badly configured elasticsearch server that described as a “business gold mine data mine”, which contains hundreds of millions of highly detailed records that belong to Swedish individuals and organizations.
He attributed it to a business intelligence specialist, but the company denied having something to do with the file.
Who possesses the data?
In total, the data created a financial profile and detailed behavior of citizens and organizations in Sweden.
In general, it contained more than 100 million data records, generated between 2019 and 2024, and distributed in 25 indices.
This contained the names of people (including the history of previous names), the numbers of Swedish personal identity, the dates of birth, the gender, the history of addresses (both locally and abroad), the civil status, the information about the deceased people, the foreign directions (for the emigrants), the debt records, the payment observations, the record of bankrupt on income, activity and records of events, financial data and behavior data.
Cybernews‘The researchers attributed the server to Risika, a Danish company of Fintech that offers real -time credit evaluation, risk monitoring and financial risk intelligence for companies.
They affirm that the use of “DWH*” internal labels, and product -oriented index names “coincided with the conventions of known Risika products.”
However, the researchers also claim that the database was probably operated by a third downstream, after Risika “legitimately” data under a commercial license, “only to be poorly configured and exposed.”
The researchers communicated with Risika, and the database was blocked the next day.
Meanwhile, the company responded, stating that it had nothing to do with the files:
“Our preliminary research indicates that the data referred to in the informed escape contains information that we do not have, store or have access through our commercial operations. This suggests that our systems are not the source of this particular data violation,” said the company’s spokesman for researchers.
