Cyber attacks and data breaches in review: April 2020

Despite organisations across the globe being forced to shut down to combat coronavirus, there were still 216,141,421 breached records in April – demonstrating that cyber criminals can thrive under any circumstance.

The true scale of the threat is probably even larger, given that many businesses operating with limited resources would have a much harder time detecting a security incident.

As always, we delve into the more notable incidents affecting European organisations in this blog.

Italian email provider confirms security breach

The Italian email provider and domain registrar confirmed in April that the personal data of 600,000 users had been leaked in a cyber attack.

The incident was disclosed after the No Name Hacking Group posted a link on Twitter promoting a dark web marketplace that was selling the affected individuals’ information.

It’s believed that the breach dates back more than two years, and affects individuals who signed up for a free account between 2007 and 2020.

The criminals reportedly tried to extort for the return of the information, but after the organisation refused to negotiate – instead informing the Italian authorities – they put the data up for sale.

Depending on the type of information – which includes a database of plaintext passwords, answers to security questions and email content – fellow criminal hackers can purchase the data for between 0.5 bitcoin (about €7,900) and 3 bitcoin (€23,700).

Energy giant Energias de Portugal infected with ransomware

EDP (Energias de Portugal), one of the largest energy suppliers in Europe, was hit by a major ransomware attack that affected 10 terabytes of information.

Criminals using the Ragnar Locker ransomware strain encrypted vast amounts of the organisation’s databases and threatened to leak it online unless EDP paid a 1,580 bitcoin (about €10 million) ransom.

According to the ransom demand published on EDP’s systems, the attackers stole confidential information on billing, contracts, transactions, clients and partners.

Their demand stated:

And be assure that if you wouldn’t pay, all files and documents would be publicated for everyones view and also we would notify all your clients and partners about this leakage with direct links.

So if you want to avoid such harm for your reputation, better pay the amount that we asking for.

EDP notified the authorities and said that it is assessing the situation, with teams dedicated to restoring the systems manually.

It also confirmed that the power supply service and critical infrastructure weren’t compromised in the attack.

Maltese voters’ personal data leaked after IT company security blunder

Malta’s Information and Data Protection Commissioner is investigating a massive data breach in which 337,384 Maltese voters’ personal data was leaked online.

The data, which was stored on an unprotected database belonging to software developer C-Planet IT Solutions, included the names, ID numbers, addresses, gender, phone numbers and dates of birth of almost the entire country’s electorate.

C-Planet IT Solutions was reportedly notified of the leak via email in February, but it didn’t address the vulnerability until on or around 9 March.

Indeed, the organisation’s public response is further evidence of it downplaying the breach. It described the incident as a “mishap” and said it wouldn’t answer any questions on the matter, stating that the data was “old”.

Deputy Data Protection Commissioner Ian Deguara said that he would launch an enquiry.

“We got to know about this personal data breach this morning from media reports. We shall trigger our investigation procedure with the controller responsible for the processing to establish all the facts surrounding this security incident,” said Deguara.

Stay up to date with cyber security news

Are you looking for regular updates on the latest cyber attacks and data breaches?

Subscribe to our Weekly Round-up to learn what’s happening in the cyber security industry and receive tips on the steps you should take to protect your organisation.

Subscribe to our weekly newsletter

No Responses

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.