Cyber Incident Victim: Åkerströms

On January 19–20, 2024, Åkerströms Björbo experienced a disruption to its business systems following a cyberattack targeting its IT provider, Tietoevry. The attack forced Tietoevry to isolate affected systems and allocate resources to restore services, causing Åkerströms' business system to become temporarily inoperable. Åkerströms publicly confirmed the outage on January 20, 2024, through a customer notification but could not provide a restoration timeline due to the ongoing recovery efforts at Tietoevry. The disruption impaired Åkerströms' ability to access order information and communicate specifics about pending deliveries, though the company emphasized it remained operational for receiving new orders through alternative channels. Customer service teams were directed to handle inquiries via designated email addresses and phone numbers for orders, repairs, and general concerns, with CEO Hans Åkerblom listed as a contact for escalated issues.

The incident introduced operational uncertainties, including potential delays in fulfilling orders and risks that unauthorized actors accessed customer data stored within the compromised business system. Åkerströms acknowledged the possibility of data exposure but did not specify the types of information potentially affected or the number of impacted entities. The company maintained direct communication with Tietoevry throughout the response phase while advising customers to monitor Tietoevry's newsroom for provider-side updates. Despite system unavailability, Åkerströms prioritized maintaining order intake capabilities and minimizing supply chain interruptions, though it cautioned customers about potential informational gaps regarding existing orders. No threat actor attribution, attack vector details, or data exfiltration confirmation were disclosed in the initial statement.