Finnish police have expanded a criminal investigation into a major cyber breach at a state IT service provider to include suspected espionage, after new findings on the nature of the data accessed.
The National Bureau of Investigation said the case, which began as a suspected aggravated data breach, now also involves suspicion of espionage. The probe relates to an attack on the State Information and Communication Technology Centre Valtori in late January.
Authorities said the breach targeted a mobile device management system used across government agencies. The incident may have exposed data linked to up to 50,000 public sector employees.
Investigators confirmed that the information accessed included names, work email addresses, phone numbers and device-related data. The affected systems serve multiple government bodies, including ministries and the prosecution service.
Lead investigator Aku Limnell said the content of the data has not changed from initial assessments but carries wider implications when combined. “It is possible that by combining the data, information could be formed that affects Finland’s security and may cause harm,” he said in a statement.
Police said the expanded classification reflects a clearer understanding of what was taken during the breach. The investigation aims to establish how the intrusion occurred and identify those responsible.
Officials have not disclosed details about potential suspects or the methods used in the attack. The pre-trial investigation remains ongoing, and authorities said they would not comment further at this stage.
Valtori and its client agencies are listed as injured parties in the case. The agency provides IT and digital services to central government institutions.
The breach took place on 29 January, according to investigators. Since then, authorities have focused on analysing the data involved and assessing potential risks.
HT
