Massive data leak maps out years of Swedish citizens’ private lives
An unsecured server has exposed hundreds of millions of detailed records on Swedish citizens and companies, offering a data goldmine for anyone who stumbles on it. A misconfigured Elasticsearch server has exposed a goldmine of business intelligence data with hundreds of millions of highly detailed records tied to Swedish individuals and organizations. Cybernews researchers identified the unsecured database, which did not require any authentication and was fully accessible to the public internet. The leaked data consisted of over 100 million records dated from 2019 to 2024, spread across 25 separate indices, with some datasets ballooning to more than 200GB in size. What was leaked? Many leaked records contained highly sensitive personal and organizational information, including: Full legal names, including history of previous names Swedish personal identity numbers Date of birth and gender Address history, both in Sweden and abroad Civil status and information about deceased individuals Foreign addresses for emigrants Debt records, payment remarks, bankruptcy history, property ownership indicators Income tax data spanning several years (2019–2023) Activity and event logs (including income statement submissions, migration status, and address updates)