A Swedish local authority is seeking almost £40,000 in damages from a 17-year-old who hacked its IT system.
Umeå, in northern Sweden, is demanding half a million Swedish kroner from Erik Sundqvist as compensation for damages incurred after the then-16-year-old hacked into the municipal system.
Sundqvist, who says he only accessed the system to highlight its security flaws, gained access to a database of more than 600 passwords. The authorities say the compensation will in part pay for the time spent going through their systems to change the passwords, as well as evidence collection and other unspecified costs.
The 17-year-old – who was found guilty of the hacking charge and sentenced to 35 hours community service – told the local press that he realised the system was not secure and that anyone could steal the passwords. He says he himself didn’t steal anything or damage the servers and that his incursion took less than an hour.
The incident took place in 2013, but according to the city authorities, this is not the first time Sundqvist has been found guilty of hacking. He said it was ridiculous that a public IT system that stores personal data on so many people should be so unsafe.
The case is pending. ®