Now on Demand: Threat Detection and Incident Response (TDIR) Summit - All Sessions Available
Connect with us

Hi, what are you looking for?


Data Breaches

Student, Personnel Information Stolen in City of Helsinki Cyberattack

The City of Helsinki says usernames, email addresses, and personal information was stolen in a recent cyberattack.

The City of Helsinki, the capital of Finland, on Monday announced that personal information of students and personnel was stolen in a cyberattack at the end of April.

The incident, discovered on April 30, targeted the city’s education services, and was initially believed to have led to the compromise of student and personnel usernames and email addresses.

On Monday, however, the city announced that the usernames and email addresses of all city personnel were compromised in the data breach, along with the IDs and addresses of students, guardians, and personnel from the city’s education division.

Furthermore, the city’s investigation revealed that the attackers also gained access to network drives pertaining to the education division, some of which contain confidential and sensitive information.

“Most of the data on the network drive (tens of millions of files) are documents that do not contain personally identifying information or only contain ordinary personal information, the opportunity for abuse of which is not considered to be significant,” the city said on Monday.

The potentially compromised information includes data on children’s education and care fees, details on student welfare and need of special support, medical certificates for students who suspended their studies, and sick leave records for the division’s personnel.

“We cannot rule out the possibility of the perpetrator gaining access to data of persons under a non-disclosure restriction,” the City of Helsinki said.

Some of the data is believed to be years old, impacting individuals who were previous customers or employees of the education division. The city has yet to determine the full extent of the data breach and to provide specific details on the compromised information.

Advertisement. Scroll to continue reading.

More than 80,000 students and guardians are likely affected by the data breach, City of Helsinki manager Jukka-Pekka Ujula said.

According to the city, the attackers compromised the network by exploiting a known vulnerability in a remote access server, for which a hotfix has been available, but not applied.

“Our security update and device maintenance controls and procedures have been insufficient. After the breach, we have taken measures to ensure that a similar breach is no longer possible,” Helsinki’s chief digital officer Hannu Heikkinen said.

Heikkinen also noted that the investigation has not discovered evidence of other city divisions being compromised, but all networks are being closely monitored.

It’s unclear if this was a ransomware attack. No ransomware group appears to have taken credit for the intrusion.

Related: FBCS Collection Agency Data Breach Impacts 2.7 Million

Related: Kaiser Permanente Data Breach Impacts 13.4 Million Patients

Related: 180k Impacted by Data Breach at Michigan Healthcare Organization

Written By

Ionut Arghire is an international correspondent for SecurityWeek.


Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.


SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.


People on the Move

Wendy Zheng named as CFO and Joe Diamond as CMO at cyber asset management firm Axonius.

Intelligent document processing company ABBYY has hired Clayton C. Peddy as CISO.

Digital executive protection services provider BlackCloak has appointed Ryan Black as CISO.

More People On The Move

Expert Insights