Swedish E-Government Platform Source Code Leaked in Suspected Cyberattack A threat actor known as ByteToBreach has claimed responsibility for leaking source code and sensitive materials tied to Sweden’s e-government infrastructure, triggering an investigation by Swedish authorities and an incident response from CGI Sverige, the local subsidiary of global IT firm CGI Group. The breach, first reported on Thursday by cybersecurity accounts on X and local media, allegedly exposed internal files, including source code, configuration files, staff databases, and potentially citizens’ personally identifiable information (PII). While CGI confirmed the incident involved two non-production test servers in Sweden stating that no customer production data or operational services were impacted Sweden’s civil defense minister, Carl-Oskar Bohlin, acknowledged the leak and said authorities, including CERT-SE and the National Cyber Security Center, are working to identify the perpetrators. Security experts, including IT specialist Anders Nilsson, reviewed the leaked materials and deemed them authentic, noting the presence of source code for multiple programs. The breach raises concerns given Sweden’s heavy reliance on e-government services, with 95% of its 10.7 million population using such platforms in 2024, per Eurostat data. Threat intelligence platform Threat Landscape linked ByteToBreach to a prior attack on Viking Line, suggesting an ongoing campaign targeting Swedish and European infrastructure via CGI’s managed services. While the full extent of the leak remains unverified, researchers warn that exposed code or documentation could enable follow-on attacks if vulnerabilities are identified. CGI has not publicly detailed the full scope of the compromised data.