CGI Sverige AB, an IT and business consulting services firm managing infrastructure for the Swedish public sector, has reportedly suffered a severe network compromise that directly impacts the country’s e-government platform. The incident allegedly stems from numerous critical vulnerabilities within CGI’s infrastructure, including a full Jenkins compromise, Docker escapes, and SSH private key pivoting. The threat actor, operating anonymously on a cybercrime forum, has released the entire source code of the e-government platform for free, encouraging researchers to find further vulnerabilities. The actor explicitly emphasized that the compromised infrastructure clearly belongs to CGI Sverige, preemptively dismissing potential claims that the breach originated from a third-party vendor.
According to the actor, the allegedly compromised data includes:
-
Entire Swedish E-Government platform source code
-
Citizen databases containing Personally Identifiable Information (PII)
-
Internal staff databases
-
Documents designated for electronic signing
-
API documentation for signing processes
-
Internal network reconnaissance and hprof files
Daily Dark WebRead More
R1
T1
