Online services at some Swedish government agencies and shops have been disrupted in a ransomware attack believed to have been carried out by a Russian hacker group, IT consultancy Tietoevry said.
The Swedish-Finnish group, which provides online security systems, said the problem could take weeks to fix.
It said one of its data centers in Sweden was attacked overnight from Friday to Saturday, knocking out online purchases at the country's biggest cinema chain as well as some department stores and shops.
The centralized human resources system used by Sweden's national government service center (Statens Servicecenter) was also affected, making it impossible for public sector employees to declare their overtime hours, sick leave or holiday requests.
"Considering the nature of the incident and the number of customer-specific systems to be restored, the restoration process may extend over several days, even weeks," Tietoevry said in a statement issued late Monday.
"120 government agencies and more than 60,000 employees" were affected by the attack, Statens Servicecenter spokeswoman Caroline Johansson Sjowall told AFP.
Tietoevry and other cyber security experts have pointed the finger at hacker group Akira, which has ties to Russia.
Tietoevry said it had filed a police complaint regarding the attack, the financial impact of which it "was not able to fully assess" yet.
The company has provided no information about a ransom demand.
Ransomware attacks typically access vulnerable computer systems and encrypt or steal data, before sending a ransom note demanding payment in exchange for decrypting the data or not releasing it publicly.
"Cybersecurity must be a priority for all of society, both the public and private sector," Civil Defense Minister Carl-Oskar Bohlin wrote on X, formerly known as Twitter.
"Once the operational phase is over, the government intends to gather the affected parties ... to thoroughly evaluate this incident," he wrote.
The Swedish Civil Contingencies Agency (MSB) said the attack should serve as a wake-up call.
"Sweden has digitalized very rapidly, but in general we have not invested as much time and resources into cybersecurity," Margareta Palmqvist, head of information security at MSB, told Swedish news agency TT.
"It's important to be prepared, to work preventively ... so that you're ready when something happens," she said.
A Message from The Moscow Times:
Dear readers,
We are facing unprecedented challenges. Russia's Prosecutor General's Office has designated The Moscow Times as an "undesirable" organization, criminalizing our work and putting our staff at risk of prosecution. This follows our earlier unjust labeling as a "foreign agent."
These actions are direct attempts to silence independent journalism in Russia. The authorities claim our work "discredits the decisions of the Russian leadership." We see things differently: we strive to provide accurate, unbiased reporting on Russia.
We, the journalists of The Moscow Times, refuse to be silenced. But to continue our work, we need your help.
Your support, no matter how small, makes a world of difference. If you can, please support us monthly starting from just $2. It's quick to set up, and every contribution makes a significant impact.
By supporting The Moscow Times, you're defending open, independent journalism in the face of repression. Thank you for standing with us.
Remind me later.