Cyber attacks and data breaches in review: March 2020

With COVID-19 spreading across the globe last month – bringing with it a host of cyber security risks – it would have been easy to fear for the worst in terms of cyber attacks and data breaches.

But surprisingly, we only found 67 incidents this month, with a total of 832,486,418 affected records – which is only slightly higher than last month’s figures.

However, we’re still only in the early stages of the pandemic, and most breaches take 100 days or more to be discovered, so we’re surely going to be seeing the effects of these challenging times for a long time to come.

As always, we use this blog to take a look at some of the most notable incidents from across Europe.

1. Dutch government leaks personal details of 6.9 million organ donors

The Dutch government was responsible for one of the biggest recorded data breaches of March, when it lost two external hard drives containing the personal data of more than 6.9 million organ donors – about half of the country’s population.

The database housed electronic copies of all donor forms that were files with the Dutch Donor Register between February 1998 and June 2010. It was last used four years ago, when it was placed inside a secure vault for storage.

Authorities discovered the breach earlier this year, after attempting to delete the paper and digital files that were no longer needed. The incident was made public when Minister for Health, Wellness and Sport Hugo De Jonge notified the Dutch parliament last month.

For those affected by the breach, there is good news and bad news. On the one hand, Dutch officials claim that there is no evidence that anyone has tried to use the data maliciously, and the records don’t contain IDs or other official documents, which could otherwise have been used to conduct sophisticated attacks.

However, the extent of the breach is still severe, with donors’ first and last names, gender, date of birth, addresses and certain medical details all being compromised.

At best, this represents a violation of individuals’ privacy, and at worst, it allows anyone with access to the information to conduct a variety of attacks.

One such threat people should be concerned about are phishing scams – with donors having to be on the lookout for bogus messages imitating the Dutch government (perhaps offering recompense for being breached) or other emails that make use of information on record.

2. Teaching Council hit by phishing scam

Last month, Ireland’s Teaching Council informed 9,735 serving and retired teachers that their data had been compromised in a phishing incident.

In a statement, the Teaching Council’s director, Tomas Ó Ruairc, said that an authorised person had accessed a small number of email accounts on the council’s servers.

This was the result of a phishing email that tricked employees into running a script that established an auto-forwarding rule for subsequent emails.

In other words, emails received from staff whose accounts had been compromised were forwarded to a Gmail account controlled by the cyber criminal.

During this attack, the miscreant accessed an email attachment that contained a spreadsheet with teachers’ registration details.

Their names, addresses, PPS (Personal Public Service) number and Teaching Council registration number were all compromised, as were the details of when they joined the register and the vetting process.

Fortunately, no contact details – such email addresses – were compromised, nor was financial data.

Ó Ruairc said the Teaching Council took the matter and the security of data very seriously, and apologised for any inconvenience caused.

“The circulation of such attachments in the council is not normal practice and steps have been taken to ensure that this does not happen again.”

3. European electricity association says its network was breached

ENTSO-E (European Network of Transmission System Operators for Electricity) confirmed last month that cyber criminals breached its office network.

The electricity association, which operates in 36 countries across Europe, provided few details about the attack but stressed that the compromised systems were not connected to operational transmission networks.

Speaking to CyberScoop, ENTSO-E spokesperson Claire Camus declined to provide additional comments on the issue, citing “obvious reasons”.

So, for now, we don’t know who targeted the association’s network or why. However, it’s not uncommon for cyber criminals to attack utility providers, as a successful hack can cause high-profile damage.

ENTSO-E, for example, works with TSOs (Transmission System Operators) across Europe; these are the organisations responsible for the main electricity supplies – and disruption to those would cause widespread problems.

Fortunately, that wasn’t the case in this instance, but it bears reminding that utility providers should be vigilant about the threat of cyber crime.

Stay up to date on cyber security news

Are you looking for regular updates on the latest cyber attacks and data breaches?

Subscribe to our Weekly Round-up to learn what’s happening in the cyber security industry and receive tips on the steps you should take to protect your organisation.

Subscribe to our weekly newsletter

One Response

  1. Alishia 5th June 2020

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.