Massive data breach in Sweden: Millions of Health Hotline Calls exposed online

Recently around 2.7 million sensitive phone calls were uncovered by Swedish technology news site Computer Sweden. In total, 170,000 hours of conversation were available online on an unencrypted web server. The server had no login mechanism so the recorded calls could be accessed freely.

Sweden operates a national health advice line (1177), which is run by Swedish company Medhelp. For out-of-hour calls they subcontract with a Thailand-based firm called Medicall. According to repords, most of the uncovered calls were made outside the regular times and therefore answered by Medicall. A request from the BBC left Medicall unanswered.

The uncovered data is extremely private as People usually call 1177 seeking medical advice, talking about their symptoms, their kids’ illnesses and giving out their social security number.
The Swedish Data Protection Authority is currently investigating the case.