Swedish insurer Folksam in major data leak

Sweden’s largest insurer, Folksam is facing the prospect of a fine from the regulator after it accidentally leaked private data on about one million of its customers to some of the world’s largest technology companies.

Folksam, which insures 50% of Swedish homes and individuals, shared the data with tech giants such as Facebook, Google, Microsoft and LinkedIn.

“We take what has happened seriously. We have immediately stopped sharing this personal information and requested that it be deleted,” Folksam’s head of marketing, Jens Wikstrom, said in a statement.

The data included social security numbers, widely used in Sweden for everyday activities including banking, and information on who had bought pregnancy insurance, Folksam said.

European regulators have hit companies with heavy fines for data breaches in recent years as tougher privacy rules have come into force.

The breach has been reported to Sweden’s data watchdog, the Swedish Data Protection Authority (Datainspektionen), Folksam said.

A spokesman for Sweden’s data inspectorate said it was looking into the matter but had not yet made a decision whether to launch an investigation.

Folksam said there was no indication so far that the leaked information has been used by third parties in an “improper manner”.

“This should not happen and we are now working hard so that it never happens again,” Wikstrom added.

Only last month US broker Arthur J Gallagher & Co revealed that it has been on the receiving end of an attempted ransomware attack.

According to the broker, it first detected the ransomware attack on 26 September 2020.