Ransom group attacks in several European countries, data leaked on the dark web
Recently, many countries in Europe have been hacked by ransomware organizations, and municipalities, medical institutions and livelihood companies have been affected. Currently, ransomware has become an escalating global security threat that can pose serious security and economic risks, whether to government departments, large and medium-sized enterprises or specific individuals, and how to effectively prevent ransomware attacks has become a focal issue in the field of cybersecurity.
Italian government agency suffers ransom attack, refuses to pay ransom after about 100GB of personal data published on the dark web
In mid-March, hackers attacked public institutions in the Italian city of Verona for ransom purposes. After the requested ransom was not paid, the hackers made public about 100 GB of personal data on the dark web.
Despite the information security measures taken by the Municipality of Villafranca di Verona, the public institution was subjected to a cyber-attack for ransom purposes on March 14, 2022, resulting in a serious data breach. The attack caused a temporary server outage, which led to delays in the provision of services. However, basic services were restored within 48 hours.
The news was released yesterday, April 6, by the municipality of Villafranca, which has been informed in recent weeks of the attack carried out by the hackers.
As the municipality explained, the hackers broke into the city's website and offered blackmail. The damage caused was to make the data on the city's main server unreadable. In addition, if the attackers did not receive the requested ransom, they published on the dark web all the confidential information they had stolen after the intrusion.
The city reported, "The crisis team has coordinated actions to securely recover and restart computer systems and was able to recover nearly all of the data that was attacked. The City has promptly initiated all envisioned procedures and is using in-house professionals and outside professional firms to reset its IT systems to ensure a higher level of security for its structures."
However, that didn't stop the hackers. The hackers demanded a ransom payment by March 30, and since payment has not yet been made, about 100 GB of confidential personal data has been published on the so-called dark web. The dark web is an unindexed part of the Internet that is generally used for illegal activities.
According to the city, "This is basically data in working folders shared between offices of the government concerning certain departments (business, contracts, population, finance, youth policy, personnel, secretarial staff, staff technical areas) and documents mainly of an administrative and management nature (e.g. procedures, minutes, regulations, internal rules) also contain personal data. Data may have been exchanged illegally and much of the published data has been made public. "
The municipality of Villafranca has informed the privacy guarantor of the matter and is in contact with it to monitor the breach and better protect the persons involved. In addition, a complaint has been filed with the police. "The crisis team, in full accordance with the ongoing investigation, is working to assess the exact entity and type of data released." , the municipality concluded, which reminded that "the information published on the dark web is the result of illegal activities and therefore anyone who wishes to access or use it is breaking the law. We hope that the ongoing investigation will identify the perpetrators of this criminal act. In any case, we would like to point out that although the data of the Dark Web are published, only computer operators with specific and special technical skills can access them."
Finally, the Municipality of Villafranca di Verona apologizes for the inconvenience caused and assures that it will do its best to address and resolve all inconveniences directly or indirectly related to the data breach.
Customers' personal data exposed on the dark web after Dutch housing company suffers ransom attack, refuses to pay ransom
Cyber criminals have published some of the stolen information on the dark web, an inaccessible part of the internet, after hacking several housing companies.
Of the 200GB of data stolen after the cyberattacks, about 8GB of personal information has been published on the Dark Web, which involves thousands of files containing sensitive customer data, such as copies of identity documents and copies of bank details.
In addition, customers' full names, addresses, phone numbers, email addresses and, in some cases, social security numbers have been placed on the Dark Web. Such data can be used for identity fraud.
The ransomware attack came to light last week. Eight Dutch housing companies were targeted, including those in Breda, Rosendal, Wageningen and Vlissingen.
The cyberattacks caused the systems of housing companies Laurentius, Alwel and Zayaz to be paralyzed to a large extent. In total, these companies had data on 75,000 households and private details of their customers.
Multiple media reports have suggested that the notorious ransom group Conti was behind the attack. According to local newspaper BNdeStem, the group demanded a ransom of 15 million euros. The eight companies refused to pay the fee.
From：On DarkNet – Dark Web News and Analysis
Copyright of the article belongs to the author, please do not reproduce without permission.