Cyber Incident Victim: Genus

In January 2025, Norwegian software services provider Genus experienced a ransomware attack compromising its internal network and file server. Hackers exploited a suspected firewall vulnerability to infiltrate systems, exfiltrating sensitive data including customer contracts containing personal identification numbers and signatures. The attackers subsequently attempted to extort Genus, demanding payment under threat of data exposure. Genus operational director Lars Holth confirmed the breach did not impact cloud-based services used by the Norwegian Police, which operated on separate infrastructure. The company restored operations within days using backups and refused to engage with or pay the threat actors. One month post-incident, hackers published stolen data on dark web platforms, though Genus maintained no critical systems or police-related information was compromised.

The incident highlighted security concerns regarding police supply chains, as Genus provides framework software for developing police analytical tools and digital services. Police IT unit director Claes Lyth Walsø clarified that Genus consultants working physically at police facilities only assist in solution development, with no direct access to operational police systems. Norwegian authorities had previously identified organized cybercrime and supplier vulnerabilities as key threats in their 2025 risk assessment, specifically noting risks to individuals and national security from data breaches. While police systems remained unaffected, the event demonstrated third-party risks despite existing security mechanisms like access controls. Genus maintained its internal network compromise required no police operational adjustments or contingency measures.