Cyberattack against the university´s system supplier Miljödata

On 23 August, Miljödata’s IT environment was subjected to a cyberattack. In the attack, the Adato system, which is used at the university to manage sick leave, was temporarily unavailable. The university received information about this on 25 August. Subsequently, it became known that certain personal data belonging to employees and former employees of the University of Borås has been leaked from Adato to the attacker and then spread online. 

The University of Borås has made a report to the Swedish Authority for Privacy Protection about the incident. The incident has also been reported to the police by Miljödata AB.

All employees and former employees since 2015 at the University of Borås are included in the system, regardless of whether they have been on sick leave or not.

Information that has been leaked includes:

• Name
• Swedish personal identification number
• Home address (which was registered in the Primula payroll system when you were employed)
• Private phone number (if you have registered it voluntarily in the Primula payroll system during your employment)
• Sex
• Number of sick days

When personal data is leaked, the risk of different types of fraud increases, so be extra vigilant. Two common threats are identity theft and phishing attacks.

Identity theft

Fraudsters can use your personal data to order goods on credit, take out loans, or open subscriptions in your name. Access to your Swedish personal identification number makes it easier for them to impersonate a trusted party, such as your bank or employer. The personal number is often only one piece of the puzzle, but together with other information it can be enough to commit fraud.

Signs of identity theft can be:

• Receiving notice of unexpected credit checks
• Invoices or collection demands for things you didn't order
• Rejection of loans or credits you never applied for

If you suspect that someone is using your identity, you should immediately contact your bank, the relevant authorities or other relevant organisations.

Phishing

When your data is leaked, the risk of phishing also increases. Scammers may send emails, text messages, or make calls that look very credible because they use details about you to appear legitimate. 

Therefore, be extra careful about clicking on links or opening attachments in unexpected messages. Never log into your BankID upon someone’s request and never give out your password by phone, text, or email. Also be aware of unexpected multifactor authentication requests, such as a push notification or code via email or text message for a login you did not initiate yourself.

Most scams can be avoided if you pay attention. At the slightest suspicion, stop and ask yourself some important questions:

• Why is there such a rush? Attackers often try to get you to act quickly to avoid following standard security procedures.
• Is the request expected and reasonable? Do you receive this type of request from this sender regularly, or does it seem unusual?
• Does it sound too good to be true? If something seems too good to be true, it probably is.
• Does the sender seem to be correct? Your bank will never send you emails from, for example, swedbank@gmail.com or kund@icabanken-se.nu

If you receive an email or call that seems suspicious, remember that you can always call or contact the person/organisation yourself via their official contact channels to make sure the request is genuine.

If you want advice on how you as a private individual can act in this type of incident, information is available for private individuals on the websites of the Swedish Tax Agency, the Swedish Police, the Swedish Civil Contingencies Agency (MSB), and the Swedish Enforcement Authority. 

If you have any questions about the incident, please contact HR at the University of Borås. For current employees, information is available in logged in mode on the employee website.

Email:  hr@hb.se 
Phone: +46 (0)33-435 4300, telephone hours 09:00-11:30 weekday