Breach cyber

Risika

Jul 25, 2025 1 min read
Risika

An enormous database, containing millions of highly sensitive information on Swedish citizens, was left unsecured online. The data included people’s names, Swedish personal identity numbers, dates of birth, gender, address history, civil status, information about deceased individuals, foreign addresses, debt records, payment remarks, bankruptcy history, property ownership indicators, income tax, activity and event logs, financial data, and behavioral data. Cybernews researchers attributed the server to Risika, a Danish fintech company offering real-time credit assessment, risk monitoring, and financial risk intelligence for businesses. However, Risika denied having anything to do with the archive.

Source: https://www.techradar.com/pro/security/major-breach-sees-100-million-data-records-on-citizens-leaked-heres-what-we-know

TPRM report: https://scoringcyber.rankiteo.com/company/risika

"id": "ris343072525",
"linkid": "risika",
"type": "Breach",
"date": "7/2025",
"severity": "25",
"impact": "",
"explanation": "Attack without any consequences: Attack in which data is not compromised"
{'affected_entities': [{'industry': 'Financial Services',
                        'location': 'Denmark',
                        'name': 'Risika',
                        'type': 'Fintech Company'}],
 'attack_vector': 'Misconfigured Server',
 'data_breach': {'number_of_records_exposed': 'Over 100 million',
                 'personally_identifiable_information': 'Yes',
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Personal Information',
                                              'Financial Information',
                                              'Behavioral Data']},
 'description': 'A misconfigured Elasticsearch server exposed millions of '
                'highly sensitive information on Swedish citizens and '
                'organizations, attributed to a Danish fintech firm which '
                'denies ownership.',
 'impact': {'data_compromised': ['Names',
                                 'Swedish personal identity numbers',
                                 'Dates of birth',
                                 'Gender',
                                 'Address history',
                                 'Civil status',
                                 'Information about deceased individuals',
                                 'Foreign addresses',
                                 'Debt records',
                                 'Payment remarks',
                                 'Bankruptcy history',
                                 'Property ownership indicators',
                                 'Income tax',
                                 'Activity and event logs',
                                 'Financial data',
                                 'Behavioral data'],
            'systems_affected': 'Elasticsearch server'},
 'initial_access_broker': {'entry_point': 'Misconfigured Elasticsearch server'},
 'investigation_status': 'Preliminary investigation indicates Risika is not '
                         'the source',
 'post_incident_analysis': {'root_causes': 'Misconfiguration'},
 'references': [{'source': 'Cybernews'}],
 'response': {'containment_measures': 'Database locked down'},
 'title': "Unsecured Database Exposes Swedish Citizens' Data",
 'type': 'Data Breach',
 'vulnerability_exploited': 'Misconfiguration'}
Published by
Jeremy C
Jeremy C
You might also like
Breach cyber

Toptal

public 1 min read
Hackers compromised Toptal's GitHub organization account, gaining access to publish ten malicious packages on the Node Package Manager…
Jeremy C Jeremy C
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.