An unsecured server has exposed hundreds of millions of detailed records on Swedish citizens and companies, offering a data goldmine for anyone who stumbles on it.
A misconfigured Elasticsearch server has exposed a goldmine of business intelligence data with hundreds of millions of highly detailed records tied to Swedish individuals and organizations.
Cybernews researchers identified the unsecured database, which did not require any authentication and was fully accessible to the public internet.
The leaked data consisted of over 100 million records dated from 2019 to 2024, spread across 25 separate indices, with some datasets ballooning to more than 200GB in size.
What was leaked?
Many leaked records contained highly sensitive personal and organizational information, including:
Full legal names, including history of previous names
Swedish personal identity numbers
Date of birth and gender
Address history, both in Sweden and abroad
Civil status and information about deceased individuals
Foreign addresses for emigrants
Debt records, payment remarks, bankruptcy history, property ownership indicators
Income tax data spanning several years (2019–2023)
Activity and event logs (including income statement submissions, migration status, and address updates)
Detailed blueprints of Russia’s modernized nuclear weapon sites, including missile silos, were found leaking in public procurement database.
Russia is modernizing its nuclear weapon sites, including underground missile silos and support infrastructure. Data, including building plans, diagrams, equipment, and other schematics, is accessible to anyone in the public procurement database.
Journalists from Danwatch and Der Spiegel scraped and analyzed over two million documents from the public procurement database, which exposed Russian nuclear facilities, including their layout, in great detail. The investigation unveils that European companies participate in modernizing them.
According to the exclusive Der Spiegel report, Russian procurement documents expose some of the world’s most secret construction sites.
“It even contains floor plans and infrastructure details for nuclear weapons silos,” the report reads.
German building materials and construction system giant Knauf and numerous other European companies were found to be indirectly supplying the modernization through small local companies and subsidiaries.
Knauf condemned the Russian invasion of Ukraine and announced its intention to withdraw from its Russian business in 2024. Knauf told Der Spiegel that it only trades with independent dealers and cannot control who ultimately uses its materials in Russia.
Danwatch jointly reports that “hundreds of detailed blueprints” of Russian nuclear facilities, exposed in procurement databases, make them vulnerable to attacks.
“An enormous Russian security breach has exposed the innermost parts of Russia’s nuclear modernization,” the article reads.
“It’s completely unprecedented.”
The journalists used proxy servers in Russia, Kazakhstan, and Belarus to circumvent network restrictions and access the documents. The rich multimedia in the report details the inner structure of bunkers and missile silos.
Adidas on Tuesday officially confirms a third-party breach has led to the compromise of customer data, but questions remain as to whose customer data was impacted and where.
The German sportswear company was reported by Cybernews to have sent breach notifications to its regional customers in Turkey and Korea earlier this month.
But now, it appears Adidas has posted an official notice on both its German and English-language websites about what could be one singular cyber incident impacting its entire network – or possibly a third breach impacting another Adidas regional network.
Titled “Data Security Information,” Adidas stated it recently became aware “that an unauthorized external party obtained certain consumer data through a third-party customer service provider.”
Adidas confirms customer data was stolen in a recent third-party vendor breach on its website, adidas-group.com. Image by Cybernews.
Cybernews, which happened to cover both the Adidas Turkey and the Adidas Korea breaches as they hit the news cycle in their respective countries, has reached out to Adidas for the second time this month, looking for further clarification.
So far, there has been no response to either inquiry at the time of this report, but Cybernews will update our readers if that changes.
The Korean breach notice states the attackers were able to obtain information customers submitted to the Adidas customer center in 2024 and previous years.
Reportedly, the leaked information includes names, email addresses, phone numbers, dates of birth, and other personal details, as was similarly reported in the Turkish media.
