Finnish users' passwords in clear text revealed

The website liiketoimintasuunnitelma.com of the Finnish Enterprise Agency in Helsinki, Helsingin Uusyrityskeskus, has been a target for data break-in. In this data break-in around 130,000 users' usernames and passwords in clear text were revealed. It is possible that other confidential information has also been revealed. This data leak is the third largest in Finland in terms of the number of user accounts.

Revealed information

At least the following information has been stolen:

  • The user’s username
  • The user’s password in clear text

As the passwords are in clear text, the party being aware of the passwords can use them immediately. A good practice in the maintenance of services is to save the passwords as a cryptographic hash, in which case the attacker would have to put considerable extra effort to exploit them.

The hacked service is meant for making business plans, and the information leaked may also include details of the business plans.

There is currently no information indicating that the revealed information could be read by anyone on the internet. However, it is likely that the revealed information has spread among cyber criminals.

Helsingin Uusyrityskeskus website is currently closed.

Target group of the alert

Persons having used the service liiketoimintasuunnitelma.com.

Possible solutions and restrictive measures

Change your passwords immediately, if you currently have the same password for liiketoimintasuunnitelma.com as for another data system or online service.

For each data system or online service, use a password that you have not used before in other systems or services.

Use long passwords or passphares. The username should not be composed only of words that can be found in dictionaries.

Do not reveal your password to others. Make sure that your password is never accessible to others on a note or an IT device.

Further information

Update history

Key words: Information security , Data leak , Alerts

LinkedIn Print

logo

The Finnish Communications Regulatory Authority (FICORA)

The National Cyber Security Centre Finland (NCSC-FI)

Itämerenkatu 3 A

P.O. Box 313

FI-00180 HELSINKI


Media contacts by telephone +358 295 390 248