Cyber Incident Victim: Filmstaden
Date:
Jan 2024
Location:
Sweden
Summary
A cinema organization experienced a disruption in digital sales channels due to an ongoing incident at its supplier Tietoevry, temporarily halting online ticket purchases via its website and app. Physical cinemas remain operational with ticket sales and kiosk transactions available exclusively via Swish payments, though gift card redemptions are currently suspended. Customers can redeem existing paper tickets or digital value codes at venues. The supplier-related outage also impacts affiliated cinema chains Svenska Bio and Cinemascenen, affecting their digital sales platforms and in-person Swish payment capabilities. The organization continues to provide updates while referring technical details to the third-party provider.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 2 techniques |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
Filmstaden experienced a significant disruption to its digital sales channels beginning on or before January 20, 2024, caused by an ongoing incident at its third-party service provider Tietoevry. The outage immediately disabled all online ticket sales through Filmstaden's website and mobile application, forcing customers to purchase tickets exclusively at physical cinema locations. While theatrical screenings continued as scheduled, the cinemas could only process payments via Swish—a mobile payment system—and could not accept gift cards or facilitate digital ticket redemptions without physical vouchers or value codes. Customers holding pre-purchased paper tickets or digital codes could exchange them for admissions at cinema counters, but the inability to process gift cards created additional limitations. The disruption extended beyond Filmstaden to impact Svenska Bio's website and app sales, as well as its cinema-based Swish transactions, while Cinemascenen cinemas also reported operational effects. Filmstaden's initial public communication on January 20 confirmed the outage and directed customers to physical box offices, with a follow-up update on January 21 stating Tietoevry's incident remained unresolved but expressing hope for restoration within the same week.
The organization maintained cinema operations through manual payment processing while directing customers to its website for status updates, avoiding direct communication about the technical nature of Tietoevry's incident. Filmstaden acknowledged the inconvenience to guests but did not disclose specific financial, reputational, or customer data impacts. No workarounds for online sales or gift card processing were implemented during the confirmed outage period, leaving Swish as the sole available payment method at physical locations. The incident's collateral damage to multiple cinema chains indicated a centralized dependency on Tietoevry's compromised services, though the precise systems or attack vectors involved were not detailed by Filmstaden. Resolution timelines remained approximate, with no containment measures or forensic findings disclosed beyond Tietoevry's ongoing remediation efforts. Filmstaden's response prioritized maintaining partial revenue streams through physical sales while deferring technical explanations and accountability to its supplier.