Passwords were sold online before the IT leak

The newspaper has previously revealed that Gunnebo discovered the data breach at the end of August and that the leak took place in September.

Now comes new information that the security company in March this year was tipped that the password to a server was spread to criminals.

Weak password

According to DN, Gunnebo was then contacted by an American expert in IT security who said that he had information that the password had been sold to a group specializing in blackmailing hacked companies.

The password in question was very weak, which drew criticism.

- Having the type of password that has appeared here on remote access services is under all criticism and is on the verge of self-harming behavior, says the Swedish IT security expert Robert Malmgren to the newspaper.

Drawings online

It has not been determined whether the incident in the spring is linked to the autumn data leak.

Gunnebo confirms to the newspaper the information and states that the password was changed within an hour after they were alerted, but for security and investigative technical reasons otherwise does not want to answer questions about the incident.

Following the leak, which was revealed earlier this week, details about the Riksdag's shell protection, monitoring of bank branches and drawings of an exclusive jewelery store's security vault were published openly online.