Finland State ICT Provider Valtori Reports Data Breach Affecting 50,000 Officials
Learn More
Valtori, the Finnish State Centre for ICT Services, reports a significant data breach, affecting approximately 50,000 government employees.
The attack targeted a commercial mobile device management (MDM) system used to manage government-issued phones and tablets. Attackers exploited a zero-day vulnerability in the MDM software for which no patch existed at the time of the initial intrusion.
Additionally, technical analysis reported that the MDM system did not securely delete historical data, instead marking records as removed but leaving the underlying information accessible. This flaw allowed the attackers to steal data spanning the entire lifecycle of the MDM service. The compromised data includes:
- Full names of government employees
- Work-related email addresses
- Official phone numbers
- Unique device identifiers for mobile hardware
Valtori applied a vendor-supplied patch immediately after it was released and isolated the MDM platform to stop the attack. The National Bureau of Investigation and the National Cyber Security Centre (NCSC-FI) are conducting a joint criminal investigation. Authorities confirmed that secure networks used by security agencies remained isolated and were not compromised during the event.
