Cyber attacks and data breaches in review: January 2021

In January, we recorded 82 publicly disclosed security incidents, which accounted for 878 million breached records.

You can find the full list of breaches on our sister site, but in this blog, we look at a couple of the more notable cyber attacks and data breaches that occurred in Europe.

Dutch COVID-19 patient data sold online

Healthcare data has always been an attractive target for cyber criminals, and it has become even more popular during the pandemic.

Therefore, it’s not a surprise that a reporter found a trove of Dutch citizens’ data for sale online, with screenshots posted to instant messaging apps such as Telegram, Snapchat and Wickr.

The breached data includes home addresses, email addresses, telephone numbers, dates of birth and social security numbers.

RTL Nieuws’s Daniël Verlaan said he tracked the source of the breach to two IT systems used by the GGD, the Dutch municipal health service: CoronIT, which processes details about Dutch citizens who took a COVID-19 test, and HPZone Light, which is used by the Dutch government to perform contact tracing.

Verlaan said the data had been on sale for months, with prices ranging from €30 to €50.

Dutch police launched an investigation and arrested two suspects within 24 hours. A third suspect was arrested this week.

According to Verlaan, the attackers worked in government call centres, where they had access to national COVID-19 systems and databases.

Irish schools on security alert after online class breach

Last month, police in Ireland investigate how several people gained unauthorised access to a video lesson at a County Meath school.

The attack, which targeted second-year students, was particularly troubling as hackers engaged in inappropriate behaviour.

The practice, known as ‘zoom-bombing’ (so-called for the vulnerabilities within the video conferencing platform Zoom), has occurred frequently during the pandemic.

However, unlike most criminal hacks, perpetrators don’t profit from  zoom-bombing. They are instead performed for the crooks’ amusement – which is why so many of them involve lewd behaviour in classes with children.

Schools are at particular risk, because they have been required to provide remote classes but don’t necessarily have the resources to protect students and staff from attacks.

Stay up to date with cyber security news

Are you looking for regular updates on the latest cyber attacks and data breaches?

Subscribe to our Weekly Round-up to learn what’s happening in the cyber security industry and receive tips on the steps you should take to protect your organisation.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.