This data breach affected a website maintained by the New Business Center in Helsinki (“Helsingin Uusyrityskeskus”), a company that provides business advice to entrepreneurs.
“Data batches have overwritten username and password for over 130,000 users. The violation occurred on an open website for business ideas (liiketoimintasuunnitelma.com).” reported the local media Svenska.
After the discovery of the data breach on 3rd April, the New Business Center in Helsinki took down the affected website.
The bad news for Finnish citizens is that the passwords stored on the website were in plain text.
The Finnish Communications Regulatory Authority (FICORA) is warning users of a massive data breach.
“About 130,000 user accounts and plaintext passwords have been revealed. Other confidential information may also have been disclosed. Due to the number of user accounts exposed, this is Finland’s third largest data breach.” states the advisory published by FICORA.
“We are very sorry for all the people who have been subjected to crime and who may be affected by mental or financial disadvantages. Unfortunately, we are not yet able to know exactly how many people are and what information this information breaks. We have filed an offense report, and the parties do not need to report to the police separately,” said Jarmo Hyökyvaara, Chairman of the Board of the New Business Center of Helsinki.
“The maintenance and security of our service was the responsibility of our subcontractor, our long-term partner. Unfortunately, the security of the service has not been enough to prevent this kind of attack. This is, in part, our mistake, and as a subscriber and owner of the service we are responsible for this.”
The New Business Center in Helsinki added that detailed information about its users was not exposed because it was stored on a different system, which was not affected by the data breach.
The company reported the security breach to law enforcement, which is investigating the case.
Once the website is back online, users are advised to change their passwords immediately. I also suggest changing the passwords on any other online service for which they used the same credentials.
Pedro Tavares is a professional in the field of information security working as an Ethical Hacker/Pentester, Malware Researcher and also a Security Evangelist. He is also a founding member at CSIRT.UBI and Editor-in-Chief of the security computer blog seguranca-informatica.pt.
In recent years he has invested in the field of information security, exploring and analyzing a wide range of topics, such as pentesting (Kali Linux), malware, exploitation, hacking, IoT and security in Active Directory networks. He is also a Freelance Writer (Infosec. Resources Institute and Cyber Defense Magazine) and the developer of 0xSI_f33d, a feed that compiles phishing and malware campaigns targeting Portuguese citizens.