Verisure (Alert Alarm subsidiary)

Verisure, a home security company, reported unauthorized access to customer data within its Swedish subsidiary, **Alert Alarm**. The breach was isolated to Alert Alarm’s IT systems, managed separately by an external billing partner, and did not affect Verisure’s broader operations across Europe and Latin America. Compromised data includes **names, addresses, email addresses, and social security numbers** of approximately **35,000 current and former customers** in Sweden (though Alert Alarm currently serves fewer than 6,000 active customers). The incident occurred shortly after Verisure’s €3.2 billion IPO, leading to a **5% drop in share value**. Swedish police launched an investigation into suspected **blackmail and aggravated data breach**, though no further details on the perpetrators or timeline were disclosed. Verisure stated no evidence of intrusion was found in its primary network, and forensic analysis remains ongoing. Customers were notified of the breach, but no additional impacts (e.g., financial fraud or operational disruption) were reported beyond the data exposure.

Source: https://therecord.media/verisure-data-breach-sweden-alert-alarm-subsidiary

TPRM report: https://www.rankiteo.com/company/verisure

"id": "ver1292812102025",
"linkid": "verisure",
"type": "Breach",
"date": "10/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"

{'affected_entities': [{'customers_affected': '35,000 (current and former); '
                                              'fewer than 6,000 active',
                        'industry': 'home security',
                        'location': 'Sweden',
                        'name': 'Alert Alarm',
                        'type': 'subsidiary'},
                       {'customers_affected': 'None (broader operations '
                                              'unaffected)',
                        'industry': 'home security',
                        'location': 'Sweden (operations in 17 countries)',
                        'name': 'Verisure',
                        'type': 'parent company'}],
 'customer_advisories': 'Alert Alarm customers to be updated as more '
                        'information becomes available',
 'data_breach': {'data_exfiltration': True,
                 'number_of_records_exposed': '35,000',
                 'personally_identifiable_information': True,
                 'sensitivity_of_data': 'High (includes social security '
                                        'numbers)',
                 'type_of_data_compromised': ['PII (Personally Identifiable '
                                              'Information)']},
 'date_publicly_disclosed': '2023-10-13T00:00:00Z',
 'description': 'Home security company Verisure detected unauthorized access '
                'to customer data linked to its subsidiary, Alert Alarm. The '
                "breach was confined to Alert Alarm's IT infrastructure, "
                "managed separately from Verisure's main network and hosted by "
                'an external billing partner. Compromised data includes names, '
                'addresses, email addresses, and social security numbers of '
                '~35,000 current and former Alert Alarm customers in Sweden '
                '(fewer than 6,000 active customers). Swedish police opened an '
                'investigation into suspected blackmail and aggravated data '
                "breach. Verisure's broader operations in Europe and Latin "
                'America were unaffected, and forensic analysis found no signs '
                "of intrusion in Verisure's own systems. The incident occurred "
                "shortly after Verisure's €3.2B IPO, causing a 5% drop in "
                'share price.',
 'impact': {'brand_reputation_impact': 'Moderate (5% share price drop '
                                       'post-IPO; ongoing investigation)',
            'data_compromised': ['names',
                                 'addresses',
                                 'email addresses',
                                 'social security numbers'],
            'identity_theft_risk': 'High (social security numbers compromised)',
            'operational_impact': "None (confined to subsidiary; Verisure's "
                                  'broader operations unaffected)',
            'systems_affected': ["Alert Alarm's IT infrastructure (hosted by "
                                 'external billing partner)']},
 'initial_access_broker': {'high_value_targets': ['Customer PII (social '
                                                  'security numbers)']},
 'investigation_status': 'Ongoing (forensic analysis and police investigation '
                         'in progress)',
 'motivation': ['blackmail', 'data theft'],
 'ransomware': {'data_exfiltration': True},
 'references': [{'source': 'TechCrunch / Local Swedish Media'}],
 'regulatory_compliance': {'legal_actions': ['Swedish police investigation for '
                                             'blackmail and aggravated data '
                                             'breach']},
 'response': {'communication_strategy': ['Public statement; customer updates '
                                         'pending investigation'],
              'containment_measures': ["Isolation of Alert Alarm's IT "
                                       'infrastructure'],
              'incident_response_plan_activated': True,
              'law_enforcement_notified': True,
              'network_segmentation': True,
              'third_party_assistance': ['forensic analysis team']},
 'stakeholder_advisories': 'Pending further investigation results',
 'title': "Unauthorized Access to Customer Data at Verisure's Subsidiary Alert "
          'Alarm',
 'type': ['data breach', 'unauthorized access']}