A threat actor known as ByteToBreach has leaked the full source code of Sweden's E-Government platform, claiming it was obtained by compromising CGI Sverige AB infrastructure. The breach involved a Jenkins server compromise, Docker escape via group privilege abuse, SSH private key pivots, and SQL copy-to-program exploits. Beyond the source code (released for free), the actor claims to also possess citizen PII databases and electronic signing documents, which are being sold separately. Staff databases, API signing systems, RCE test endpoints, and Jenkins SSH pivot credentials are also included in the listing. CGI Sverige is the Swedish subsidiary of CGI Group and manages critical government digital services.
Sort: