• Home
  • cyber
  • CGI Sverige: Sweden probes reported leak of e-government platform source code
cyber Breach

CGI Sverige: Sweden probes reported leak of e-government platform source code

Mar 12, 2026 2 min read
CGI Sverige: Sweden probes reported leak of e-government platform source code

Swedish E-Government Platform Source Code Leaked in Suspected Cyberattack

A threat actor known as ByteToBreach has claimed responsibility for leaking source code and sensitive materials tied to Sweden’s e-government infrastructure, triggering an investigation by Swedish authorities and an incident response from CGI Sverige, the local subsidiary of global IT firm CGI Group.

The breach, first reported on Thursday by cybersecurity accounts on X and local media, allegedly exposed internal files, including source code, configuration files, staff databases, and potentially citizens’ personally identifiable information (PII). While CGI confirmed the incident involved two non-production test servers in Sweden stating that no customer production data or operational services were impacted Sweden’s civil defense minister, Carl-Oskar Bohlin, acknowledged the leak and said authorities, including CERT-SE and the National Cyber Security Center, are working to identify the perpetrators.

Security experts, including IT specialist Anders Nilsson, reviewed the leaked materials and deemed them authentic, noting the presence of source code for multiple programs. The breach raises concerns given Sweden’s heavy reliance on e-government services, with 95% of its 10.7 million population using such platforms in 2024, per Eurostat data.

Threat intelligence platform Threat Landscape linked ByteToBreach to a prior attack on Viking Line, suggesting an ongoing campaign targeting Swedish and European infrastructure via CGI’s managed services. While the full extent of the leak remains unverified, researchers warn that exposed code or documentation could enable follow-on attacks if vulnerabilities are identified. CGI has not publicly detailed the full scope of the compromised data.

Source: https://www.tradingview.com/news/cointelegraph:077d8119f094b:0-sweden-probes-reported-leak-of-e-government-platform-source-code/

CGI cybersecurity rating report: https://www.rankiteo.com/company/cgi

"id": "CGI1773398582",
"linkid": "cgi",
"type": "Breach",
"date": "3/2026",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'customers_affected': 'Potentially Sweden’s 10.7 '
                                              'million population using '
                                              'e-government services',
                        'industry': 'Government/IT',
                        'location': 'Sweden',
                        'name': 'CGI Sverige',
                        'type': 'IT Services'}],
 'data_breach': {'data_exfiltration': 'Yes',
                 'personally_identifiable_information': 'Yes',
                 'sensitivity_of_data': 'High (PII, internal files)',
                 'type_of_data_compromised': ['Source code',
                                              'Configuration files',
                                              'Staff databases',
                                              'Personally identifiable '
                                              'information (PII)']},
 'description': 'A threat actor known as *ByteToBreach* has claimed '
                'responsibility for leaking source code and sensitive '
                'materials tied to Sweden’s e-government infrastructure, '
                'triggering an investigation by Swedish authorities and an '
                'incident response from CGI Sverige, the local subsidiary of '
                'global IT firm CGI Group. The breach allegedly exposed '
                'internal files, including source code, configuration files, '
                'staff databases, and potentially citizens’ personally '
                'identifiable information (PII).',
 'impact': {'brand_reputation_impact': 'Raises concerns due to Sweden’s heavy '
                                       'reliance on e-government services',
            'data_compromised': 'Source code, configuration files, staff '
                                'databases, potentially citizens’ personally '
                                'identifiable information (PII)',
            'identity_theft_risk': 'Potential risk due to exposure of PII',
            'systems_affected': 'Two non-production test servers'},
 'investigation_status': 'Ongoing',
 'references': [{'source': 'Cybersecurity accounts on X, local media'},
                {'source': 'Threat Landscape (threat intelligence platform)'},
                {'source': 'Eurostat data'}],
 'regulatory_compliance': {'regulatory_notifications': 'Authorities including '
                                                       'CERT-SE and the '
                                                       'National Cyber '
                                                       'Security Center '
                                                       'notified'},
 'response': {'communication_strategy': 'Public acknowledgment of the incident',
              'incident_response_plan_activated': 'Yes'},
 'stakeholder_advisories': 'Swedish authorities (CERT-SE, National Cyber '
                           'Security Center) are investigating',
 'threat_actor': 'ByteToBreach',
 'title': 'Swedish E-Government Platform Source Code Leaked in Suspected '
          'Cyberattack',
 'type': 'Data Breach'}
Published by
Jeremy C
Jeremy C
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.