The adage that governments cannot be trusted with private data has been proven once again. The Swedish government has been caught giving foreign nationals access to the data of millions of citizens, including the nation’s transport register, police registers and military secrets.

The data leak occurred in September 2015, when the Swedish Transport Agency outsourced the management of its database and other information technology services to IBM Corp. in the Czech Republic as part of a cost-cutting measure. IBM subsequently subcontracted to NCR Corp. in Serbia parts of the system, including communications and firewalls, giving employees at the company access to encrypted traffic across Swedish government networks.

Serbia, for those not current in geopolitics, is not a member state of the European Union and has a close relationship with Russia, meaning that state secrets were literally open to being stolen by agents of both countries.

Whether the data ended up in Russian hands or not is not clear, but some data did most definitely leak. A marketing agency was emailed a full database of every vehicle registered in the country, including military and police vehicles. Disturbingly, the data also available included details of individuals in witness protection programs, military members and information nation’s roads, rail and maritime infrastructure, all juicy targets for spies.

“Many governments have had partial leaks in terms of method (Snowden) or relations (Manning) lately, but this is the first time I’m aware that the full treasure chest of every single top-secret governmental individual with photo, name, and home address has leaked,” Pirate Party founder and privacy advocate Rick Falkvinge said in a blog post Friday that first exposed the scandal in English.

The data itself is still available on IBM and NCR servers, meaning it remains at risk of being further leaked, though the government itself is saying that it is in the process of re-securing the data. Only one person has been taken to task over the breach so far, with the government fining an official 70,000 Swedish crowns ($8,500) for revealing information that could impact national security.

“It goes to show, again, that governments can’t even keep their most secret data under wraps,” Falkvinge added, “so any governmental assurances to keep your data safe have as much value as a truckload of dead rats in a tampon factory.”

Photo: Pexels