Security company Gunnebo hacked with stolen data published on the dark web

Multinational Swedish security company Gunnebo AB has been hacked, and the stolen data has found its way onto the dark web, the shady part of the internet reachable with special software.

Founded in 1889, though with roots in an earlier company founded in 1764, Gunnebo is a leading provider, particularly in Europe, of banking security solutions, including cash management, entrance control and safe storage. Although the name of the company may not be well-known, Gunnebo owns Chubbsafes, a familiar brand of safes that had its origins in the U.K. in the 19th century.

The hack of the company possibly dates back to March 2020, Krebs on Security said today, but the stolen data has only now appeared on the dark web. Gunnebo said in August that it had thwarted a ransomware attack, but it’s not clear if that attack was related to the theft and subsequent publication of data stolen from the company.

The data stolen and then published is said to include tens of thousands of sensitive documents, including schematics of client bank vaults and surveillance systems. The published data is highly sensitive and valuable to international criminals, particularly bank robbers. Other information stolen and published included security arrangements for the Swedish parliament and confidential plans for the Swedish Tax Agency’s new office, according to The Local Sweden.

Officially, Gunnebo is describing the theft of data as an “IT incident” that is “extremely regrettable.” While a bank security company being hacked is embarrassing, the tone taken by the firm is arguably unique in that it attacks the media for their reporting of the incident.

How the hack took place is a case of bad security 101. “This breach was the result of an easily-guessed password (password01) and lack in company network security, which ultimately allowed the hackers to enter the system and steal documents,” Ben Goodman, senior vice president for global business and corporate development at digital identity company ForgeRock Inc., told SiliconANGLE. “This type of breach happens all too often. Employing a weak password as the only authentication method gives attackers the easy access they need to hack into a system…