The Swedish government has admitted to a huge data leak made by one of its own departments during an IT outsourcing procedure in 2015.
Sweden’s prime minister said it was “a disaster”, Swedish media reported.
Reports say that confidential data about military personnel, along with defence plans and witness protection details, were exposed by the Transport Agency.
They were visible to workers without security clearance during the transfer.
Last month, the agency’s former director general Maria Agren, who left her role in January, was fined 70,000 Swedish krona (£6,500, $8,500).
There is no suggestion that IBM Sweden, the outsourced company with which the data was shared, was in the wrong – and the tech giant declined to comment.
Operations to ensure that only security-cleared staff have access to the data will be completed by the autumn, the Transport Agency said in a statement (link in Swedish).
It explained that Ms Agren had “decided to abstain” from the National Security Act, the Personal Data Act and the Publicity and Privacy Act when dealing with the outsourcing.
The agency declined to elaborate on the confidential data it holds but said it did not have a register of military pilots, airports or aircraft.
However said it did have information about people with “protected identities” – but added that they should not be worried.
“We have no indications indicating that data was disseminated improperly, so we do not see any direct cause for concern,” it said.
All of the data remained housed in Sweden, it said.