EU secure intranet has no business being there. I've never heard of it and it's "not a thing" in regards to this. Even if it is a thing in real life.
What happened was; the Swedish equivalent of the DMV was outsourcing everything to IBM, IBM were using their sites in the post-soviet bloc to handle this.
Part of the outsourcing were people playing a bit fast and loose with data security standards. Their primary database was unencrypted and they would routinely pass around excel spreadsheets with confidential information in them via email (even to external folks)
Then the Swedish government gave the "DMV" a list of people under witness protection. That list was sent (with a bunch of others) for "removal" from the system, IBM in the post-soviet country could not understand the difference between military personnel who had to be delisted for being undercover and witness protection people who would be given new identities.
So they sent a list with the new and old identities in an unencrypted excel spreadsheet. Those two sheets are what leaked.
The rest of the information was uncovered while they were looking at the source of the sheets.
> EU secure intranet has no business being there. I've never heard of it and it's "not a thing" in regards to this. Even if it is a thing in real life.
It's called s-TESTA, its precursor was TESTA [0].
The thing is: The same company responsible for the leak was allegedly also contracted to connect the Swedish government intranet to s-TESTA. So if the company is really a bad actor, and not merely incompetent, then there's a very real possibility of s-TESTA having been compromised.
I mean even if they are really just that incompetent, then that also doesn't bode well for whatever they did to connect the Swedish intranet to s-TESTA.
What happened was; the Swedish equivalent of the DMV was outsourcing everything to IBM, IBM were using their sites in the post-soviet bloc to handle this.
Part of the outsourcing were people playing a bit fast and loose with data security standards. Their primary database was unencrypted and they would routinely pass around excel spreadsheets with confidential information in them via email (even to external folks)
Then the Swedish government gave the "DMV" a list of people under witness protection. That list was sent (with a bunch of others) for "removal" from the system, IBM in the post-soviet country could not understand the difference between military personnel who had to be delisted for being undercover and witness protection people who would be given new identities.
So they sent a list with the new and old identities in an unencrypted excel spreadsheet. Those two sheets are what leaked.
The rest of the information was uncovered while they were looking at the source of the sheets.