Finland’s Government Hit by Major Data Breach Affecting 50,000 Employees
A significant cybersecurity breach at Finland’s State Centre for ICT Services (Valtori) has exposed work-related data of up to 50,000 government employees, including staff across all ministries. The incident, detected on 30 January, was publicly disclosed last week as investigations revealed its full scope.
The attacker accessed names, work email addresses, phone numbers, and device identifiers tied to government-issued mobile phones and tablets. While the breach did not compromise device content such as messages, contacts, or photos, it included historical data from users of Valtori’s mobile device management (MDM) system. Authorities confirmed that ministers and senior officials may have been affected, though no evidence suggests their data was misused.
Valtori initially estimated the breach impacted 20,000 devices, but further analysis expanded the figure to 50,000 users, nearly two-thirds of Finland’s 77,000 state employees. The breach stemmed from an unpatched flaw in a commercial MDM system, which was later secured once a patch became available. Investigators also discovered that deleted data had been marked as removed without being fully erased, allowing historical records to be exposed.
The breach does not affect all government agencies; devices used in secure networks for security authorities remained unaffected. Location data was also not compromised. The National Bureau of Investigation, Valtori, and the National Cyber Security Centre are leading the ongoing investigation.
While the incident has not disrupted ministry operations, it underscores the risks of unpatched vulnerabilities in critical IT infrastructure.
CSC - IT Center for Science cybersecurity rating report: https://www.rankiteo.com/company/csc---it-center-for-science
"id": "CSC1770409977",
"linkid": "csc---it-center-for-science",
"type": "Breach",
"date": "1/2026",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"
{'affected_entities': [{'customers_affected': '50,000 government employees',
                        'industry': 'Information Technology / Government',
                        'location': 'Finland',
                        'name': 'Finland’s State Centre for ICT Services '
                                '(Valtori)',
                        'size': '77,000 state employees (50,000 affected)',
                        'type': 'Government Agency'}],
 'attack_vector': 'Unpatched vulnerability in MDM system',
 'data_breach': {'number_of_records_exposed': '50,000',
                 'personally_identifiable_information': 'Names, work email '
                                                        'addresses, phone '
                                                        'numbers, device '
                                                        'identifiers',
                 'sensitivity_of_data': 'Work-related data (names, emails, '
                                        'phone numbers, device identifiers)',
                 'type_of_data_compromised': 'Personally Identifiable '
                                             'Information (PII)'},
 'date_detected': '2024-01-30',
 'description': 'A significant cybersecurity breach at Finland’s State Centre '
                'for ICT Services (Valtori) has exposed work-related data of '
                'up to 50,000 government employees, including staff across all '
                'ministries. The attacker accessed names, work email '
                'addresses, phone numbers, and device identifiers tied to '
                'government-issued mobile phones and tablets. Historical data '
                'from users of Valtori’s mobile device management (MDM) system '
                'was also exposed.',
 'impact': {'data_compromised': 'Names, work email addresses, phone numbers, '
                                'device identifiers',
            'operational_impact': 'No disruption to ministry operations',
            'systems_affected': 'Mobile Device Management (MDM) system'},
 'investigation_status': 'Ongoing',
 'lessons_learned': 'Risks of unpatched vulnerabilities in critical IT '
                    'infrastructure',
 'post_incident_analysis': {'corrective_actions': 'Patch applied, system '
                                                  'secured',
                            'root_causes': 'Unpatched flaw in MDM system, '
                                           'incomplete data deletion '
                                           'processes'},
 'references': [{'source': 'Cyber Incident Description'}],
 'response': {'containment_measures': 'Vulnerability patched, system secured',
              'law_enforcement_notified': 'National Bureau of Investigation'},
 'title': 'Finland’s Government Hit by Major Data Breach Affecting 50,000 '
          'Employees',
 'type': 'Data Breach',
 'vulnerability_exploited': 'Unpatched flaw in a commercial MDM system'}