A group of hackers called RansomHub carried out an attack on the District Labor Office in Police, gaining access to computers belonging to employees of this institution. The attack was first revealed on August 14 on the blog of the hacker group, which announced its intention to make the stolen data public. RansomHub kept its promise by publishing this information on August 22 at 2:00 p.m., as announced.

The hackers gained access to the office's internal network infrastructure and individual computers, as suggested by the directory structure of the files they published. Analysis of the stolen data showed that cybercriminals did not manage to take over the full database of the office's petitioners, which could result in a mass leak of information, but this is not 100% certain. Nevertheless, the stolen files contained scans of documents containing personal data (such as PESEL, name, surname, position) as well as login details to various websites and server logs.

After discovering the attack, the office immediately began cooperating with the relevant services to minimize the effects of the incident and determine how security was breached. Due to the attack, on August 19, information about the failure of the IT system appeared on the office's website.

The information obtained shows that the vast majority of files containing the petitioners' personal data were protected with complex passwords, which could have hindered their access by hackers. The Office ensured that databases containing confidential data, such as registers of unemployed people, employers or foreigners, were appropriately secured and were not made public.

Intensive work by law enforcement agencies is currently underway to determine how exactly the attack occurred and what data was disclosed. The Office has undertaken to individually inform each person whose personal data may have been disclosed as a result of the leak, in accordance with applicable regulations.

Source: cyberdefence24.pl