Saturday , April 19 2025
TIETOEVRY

Swedish customers affected
Akira ransomware hits cloud service Tietoevry

A ransomware attack on a data center run by Finnish IT company Tietoevry has caused widespread outages in Sweden, affecting healthcare, government services, retail outlets, and the largest cinema chain in the country.

Tietoevry, a publicly traded company based in Espoo, Finland, reported that an attack occurred over the weekend. The attack affected one of their Swedish data centers and caused outages for Swedish customers.

CVE-2025-2492
ASUS warns of critical auth bypass flaw in routers

Hackers can exploit a vulnerability in Asus routers to execute unauthorized functions. This serious issue, rated 9.2 out of 10,...
Read More
CVE-2025-2492  ASUS warns of critical auth bypass flaw in routers

16,000+ Fortinet devices compromised with symlink backdoor, Mostly in Asia

According to Shadowserver Foundation around 17,000 Fortinet devices worldwide have been compromised using a new technique called "symlink". This number...
Read More
16,000+  Fortinet devices compromised with symlink backdoor, Mostly in Asia

Patch now! Critical Erlang/OTP SSH Vuln Allows UCE

A critical security flaw has been found in the Erlang/Open Telecom Platform (OTP) SSH implementation, allowing an attacker to run...
Read More
Patch now! Critical Erlang/OTP SSH Vuln Allows UCE

CISA warns of increasing risk tied to Oracle legacy Cloud leak

On Wednesday, CISA alerted about increased breach risks due to the earlier compromise of legacy Oracle Cloud servers, emphasizing the...
Read More
CISA warns of increasing risk tied to Oracle legacy Cloud leak

CVE-2025-20236
Cisco Patches Unauthenticated RCE Flaw in Webex App

Cisco issued a security advisory about a serious vulnerability in its Webex App that allows unauthenticated remote code execution (RCE)...
Read More
CVE-2025-20236  Cisco Patches Unauthenticated RCE Flaw in Webex App

Apple released emergency security updates for 2 zero-day vulns

On Wednesday, Apple released urgent operating system updates to address two security vulnerabilities that had already been exploited in highly...
Read More
Apple released emergency security updates for 2 zero-day vulns

Oracle Released Patched for 378 flaws for April 2025

On April 15, 2025, Oracle released a Critical Patch Update for 378 flaws for its products. The patch update covers...
Read More
Oracle Released Patched for 378 flaws for April 2025

CVE-2025-24054
Hackers Exploiting NTLM Spoofing Windows Vuln the in Wild

Check Point Research warns of the active exploitation of a new vulnerability, CVE-2025-24054, which lets hackers leak NTLMv2-SSP hashes using...
Read More
CVE-2025-24054  Hackers Exploiting NTLM Spoofing Windows Vuln the in Wild

Bengaluru firm got ransomware attack, Hacker demanded $70,000

Bengaluru's Whiteboard Technologies Pvt Ltd was hit by a ransomware attack, with hackers demanding a ransom of up to $70,000...
Read More
Bengaluru firm got ransomware attack, Hacker demanded $70,000

MITRE warns: U.S. Govt. Funding for MITRE’s CVE Ends Today

MITRE Vice President Yosry Barsoum warned that U.S. government funding for the Common Vulnerabilities and Exposures (CVE) and Common Weakness...
Read More
MITRE warns: U.S. Govt. Funding for MITRE’s CVE Ends Today

The company, which last reported annual revenue of $3.3 billion, has 24,000 employees and counts customers in over 90 countries.

Tietoevry informed Swedish customers about the attack on Saturday. They isolated the attacked infrastructure to contain the incident. The company apologized for the inconvenience caused and assembled teams to fix the attack and restore the systems.

Tietoevry cannot estimate how long it will take to restore everything due to the nature of the incident and the number of customer-specific systems. It may take several days or even weeks. They are working to resolve it as soon as possible in collaboration with the affected customers.

“We sincerely apologize for the problems this malicious attack is causing for our customers and everyone that is impacted by this,” Venke Bordal, head of market in Sweden for Tietoevry Tech Services, said in a statement. “We have allocated all necessary resources to address this with full attention.”

Several Swedish organizations have reported IT outages due to a ransomware attack. The attack has also affected Tietoevry’s managed HR and payroll system, known as Primula. This system is used by around thirty government authorities, as well as many universities and colleges. Institutions such as Karolinska Institutet, Linnaeus University, Lund University of Technology, Swedish University of Agricultural Sciences, and University West have all experienced issues with their payroll systems or other disruptions due to this attack.

Uppsala County officials in Sweden are dealing with a crisis as the region’s medical records and financial systems went offline. They are concerned that the situation could get worse if the systems are not restored promptly.

“There is no immediate risk to patients due to the IT disruption, but we are forced to use backup routines and manual handling in healthcare to a lesser extent. This means that administrative procedures can take a little longer than they usually do,” said Mikael Köhler, director of health and medical care in the Uppsala region, said in a statement on Sunday, according to a machine translation.

Köhler said officials are working to promptly notify private healthcare providers in Uppsala about the outages.

The municipalities of Bjuvs and Vellinge experienced issues with their payroll systems. Vellinge also reported that their library systems are currently offline.

Sweden’s national government service center, Statens, has been affected by the outage. However, the organization has assured that government salaries for this month will still be paid. They had already processed the payroll data and sent the payments to banks before the attack happened.

Sweden’s largest cinema chain, Filmstaden, can’t sell advance tickets on its website or app due to the outages. Granngården, one of Sweden’s largest retailers, closed its over 100 retail outlets because of the attack. The company told customers they hope the problem will be resolved soon.

The Tietoevry data center was targeted in a ransomware attack. It provides enterprise hosting for managed cloud services, such as Amazon Web Services, Microsoft Azure, and Google Cloud Platform reported Bleeping Computer.

The company statement reads, “the ransomware attack on one of Tietoevry’s datacenters in Sweden has impacted Tietoevry’s services to a limited group of customers in Sweden. The affected platform was isolated immediately, and the attack has not impacted other parts of Tietoevry’s infrastructure. As of today, Monday 22nd January, the work to restore the impacted services is progressing.

The malicious attack based on Akira ransomware on one of our datacenters in Sweden took place during the night of January 19-20. Tietoevry takes the situation very seriously and has an extensive team of experts and technicians working around the clock to minimize the impact and restore services.

Tietoevry has over the weekend completed the thorough preparations essential for initiating restoration of the customer-specific services. Currently, Tietoevry cannot say how long the restoration process as a whole will take – considering the nature of the incident and the number of customer-specific systems to be restored, the total timespan may extend over several days, even weeks. We are focused on resolving this as soon as technically possible, in close collaboration with the customers in question.

“We understand that this situation is challenging for the impacted customers, and we are making every effort to ensure that they are kept up to date on the progress being made. We regret the inconvenience caused by this malicious attack on our customers and all those affected by it. Our priority is to continue with bringing our customers services back safely and efficiently”, says Venke Bordal, Head of Tietoevry Tech Services Sweden.

Tietoevry has increased the preparedness and surveillance of its infrastructure overall as a security measure. Tietoevry is collaborating with relevant authorities and has filed a report to the Swedish police.”

Check Also

PwC

PwC exits more than a dozen countries in push to avoid scandals: FT reports

PwC has ceased operations in more than a dozen countries that its global bosses have …

Leave a Reply

Your email address will not be published. Required fields are marked *