Sweden leaks secret intranet and databases to Russia

This is about a week old, but a pretty big deal. What a monumental screw up:

The Swedish administration is leaking its secret intranet and databases to Russia, via its Transport Agency, via the IBM cloud, via IBM’s subcontractor NCR (formerly AT&T) in Serbia, which is a close Russian military ally. Giving staff in Serbia administrative access to these networks practically guarantees that Russia also has access to the network. The European Union’s secure STESTA network is also connected to the leaked intranet. But this is not about geopolitics and who’s allied with whom, but about how an administration tries to quiet down and gloss over an apocalyptically stupid and monstrously damaging data leak.

That the procurement procedure did not take into account how to handle classified data (let alone the bog standard data protection rules) is beyond comprehension. Well, not really: it is another piece of evidence that even supposedly capable procurement bodies do not understand technology or the implications arising from their choices. Let alone how to deal with the risks arising from the contract.