Cyber Incident Victim: Advania AB

On February 6, 2024, IT provider Advania detected an anomaly in a segment of its customer environment during Tuesday afternoon operations, prompting immediate isolation of the affected systems for investigation. The company confirmed the incident involved unauthorized access by an external actor but found no evidence of malicious code deployment, such as ransomware, within the compromised environment. Approximately 60 customers experienced service disruptions as a direct result of the isolation measures. Advania prioritized determining the incident's scope and root cause to facilitate restoration of customer environments, maintaining communication with impacted clients throughout the process. Operational isolation of the customer environment remained in effect during the ongoing investigation to safeguard both Advania and its clients.

The cyberattack caused significant operational disruptions across multiple sectors, particularly affecting healthcare providers in Västra Götaland region. Herkules vårdcentral in Borås reported complete inability to access patient journals, process lab samples, or accept new patients, forcing staff to issue paper prescriptions exclusively. Per Svensson, the facility's operations manager, confirmed neighboring private healthcare centers sharing the same IT provider faced identical service outages. Advania's public statement acknowledged the incident's severity but provided no technical specifics regarding intrusion methods, data compromise, or expected recovery timelines beyond its commitment to resolution. Investigation and restoration efforts continued without further public elaboration of forensic findings or attacker attribution as of the latest available reports.