Personal information of 16,000 people put on internet in Finland’s largest ever data leak
Data security expert doubts culprit will be found
A data leak was uncovered in Finland on Saturday, in which personal details, such as names and social security numbers, of around 16,000 people were uploaded onto a file-sharing website.
This act of sabotage, which has affected three tenths of a per cent of the country’s population, is the largest ever of its kind in Finland.
The common denominator between the victims, who come from all over the country, is education and especially adult education and retraining.
”Of course we have had identity leaks before, but in the previous occasions the victims have been counted in dozens or hundreds at best. This one is in a different league altogether, and what is astonishing is that whoever leaked the data does not seem to have had any logical reason for doing so”, says Mikko Hyppönen, Chief Research Officer at the computer security firm F-Secure.
The list that was put on the Internet contains the names, full social security numbers, addresses, telephone numbers, street addresses, and email addresses of the victims. In some cases the person’s educational establishment is also mentioned. Several upper secondary vocational education institutions are on the list, and some civil servants and students of the Police College of Finland are mentioned by name.
For the most part the published details are accurate, although at least some of the phone numbers are out of date. There are fears that the published data could be used for identity thefts. It is not known if this has already been done. The list contains individuals of various ages, but mostly younger people.
“The education connection does not explain everything. The list also contains persons born in the 1930s and 1940s with no student registry information, so there has to be another source as well”, Hyppönen says.
According to Hyppönen, so far three different organisations have been identified as likely sources of the obtained data.
These sources include an education federation, a student organisation, and a further education organisation.
According to information obtained by Helsingin Sanomat, the stolen data originates from the Work Efficiency Institute (TTS), Student Alliance Osku, WinNova Länsirannikon koulutus Ltd, and Aducate - Centre for Training and Development at the University of Eastern Finland. Some people named on the list, who contacted Helsingin Sanomat, mentioned certain further education institutions as possible sources for the data.
“We still do not know if the data has been collected by breaking into the services, or if some other method of obtaining information has been used. In the related Internet conversations there is a rumour circulating, according to which this would be a list for adult education marketing purposes.”
So, who has done it and why?
“The person who did this uses the alias anomuumi. It is a generic term used when individuals who hang around at the Finnish message board forums discuss their evildoing. I don’t believe there is any other motive for this except to cause harm. The leak does not directly benefit the person who caused it. If someone uses the information to swindle money, the original leaker will not benefit from it”, Hyppönen explains.
The data leak is being looked into by the National Bureau of Investigation (NBI). In Hyppönen’s view, the chances are slim that police can catch the culprit.
According to Hyppönen, the police can track down the IP address of the computer that was used to leak the data, but the perpetrator himself may still remain a mystery. A skilled culprit may have covered his tracks for example by using servers in other countries.
The NBI is more optimistic but asks for tips from the public. “I believe solving this is possible. Even though foreign servers have been used, it is highly likely that the culprit is a Finn and this always makes it easier to identify him”, says Det. Chief Inspector Timo Piiroinen.
Previously in HS International Edition:
New legislation seen necessary to fight online crime (19.9.2008)
Leaked list of passwords already put to nefarious use (16.10.2007)
Police suspect Finnish connection as 80,000 online passwords are compromised (15.10.2007)