130,000 citizens confidential information in Finland are leaked

According to Finnish Svenska media, 130,000 Finnish citizens appear to have become the latest victims of data breaches. From the perspective of the number of victims, this will be the third largest data breach in the history of the country.

The Finnish Communications Regulatory Authority (FICORA) warned all Finnish citizens on its website this Friday that a website (liiketoimintasuunnitelma[.]com) maintained by the Helsinki New Business Center (“Helsingin Uusyrityskeskus”) was on this Tuesday. An anonymous hacker was attacked. About 130,000 users’ account names and passwords were stolen, and other secret information was also stolen.

via: Wikimedia Commons

In Finland, anyone who wants to start a business can get free business advice through agencies such as the Uusyrityskeskus, Elinkeino-,liikenne- ja ympäristökeskus, ELY-keskus, Työ- ja elinkeinotoimisto, TE-toimisto, and Yritys-Suomi.

After a reasonable business idea is completed, entrepreneurs can contact these agencies to obtain advice and assistance from business professionals in the development of business operations. The agency staff will help entrepreneurs conduct a comprehensive market survey, feasibility data analysis and investigate the possibility of obtaining funds. Entrepreneurs can also get advice on how to set up a business plan and get support when making business decisions.

Liiketoimintasuunnitelma is such a website. Its purpose is to help registered users analyze the company’s overall business and clarify the expected corporate profitability and prospects for success. This is very helpful for entrepreneurs investing in Finland.

FICORA said that the site does not encrypt any stored information, either usernames or passwords are stored in clear text, making it easier for cybercriminals to use them.

After learning about this cyber attack on Tuesday, Helsingin Uusyrityskeskus immediately closed the affected site and posted a press release on the site’s homepage.

Jarmo Hyökyvaara, Chairman of the Board of Directors of Helsinki’s New Business Center, said in a press release: “We are very sorry for all the people who have been subjected to crime and who may be affected by mental or financial disadvantages. Unfortunately, we are not yet able to know exactly how many people are and what information this information breaks. We have filed an offense report, and the parties do not need to report to the police separately.”

JarmoHyökyvaara also emphasized that the personal details of registered users are not stored on the affected websites, so for registered users, the leaked information may be limited to the username and password.

Because the username and password are disclosed in clear text, JarmoHyökyvaara recommends that if a user uses the same username and password in other information systems or network services, these passwords should be modified immediately. Once the Liiketoimintasuunnitelma website is back online, it should also immediately modify the website’s account password.

Source: thehackernews