Polish telco confirms massive data breach

By on
Polish telco confirms massive data breach

Hackers post 14GB of customer data from Netia.

Poland's second largest telecoms operator Netia has confirmed that hackers stole large amounts of customer data in an attack last week.

The attack was launched on Thursday and impeded access to Netia's main webpage netia.pl until late in the evening, spokeswoman Lidia Marcinkowska said.

She said hackers may have gained access to some of its customer data after they managed to infiltrate two different customer contact forms on Netia's website.

"Netia's customers may be among those people [whose data was accessed]," Marcinkowska said, although the compromised data did not contain any client login or password data.

"Neither customer password nor logins have been accessed and are safe."

She said the data accessed by hackers contained the names of people who filled out forms, along with personal identification numbers as well as bank account numbers.

"Netia will contact every person whose data may have been stolen," Marcinkowska said.

A Twitter account claiming responsibility for the attack posted links to storage sites leading to the databases that contain around 14GB of data from Netia, dating from 2014. 

Information contained in the SQL databases include customer names, email and home addresses, phone numbers and more.

A large log file contained session identifiers associated with customer accounts. That information may allow attackers to establish connections with the Netia website database, without having to authenticate by providing user credentials.

Ukraine's far-right Pravy Sektor party, which is associated with the Twitter account that posted the links to the purloined databases, denied it was involved in the hack.

Pravy Sektor said the Twitter account was a fake and had no connection with the party.

Netia was unable to confirm whether the files posted came from the attack, Marcinkowska said, or pinpoint the country where the attackers were based.

The telco has referred the hack and data breach to the Polish authorities, and warned affected customers not to respond to phishing attempts asking for their personal information.

Got a news tip for our journalists? Share it with us anonymously here.
Tags:
data breach netia privacy security
In Partnership With

Most Read Articles

Australia gets world-first encryption busting laws

Australia gets world-first encryption busting laws
NAB's public cloud expansion ran without internal IT staff

NAB's public cloud expansion ran without internal IT staff
NBN Co may have to pay users stuck in congested wireless cells

NBN Co may have to pay users stuck in congested wireless cells
Ban Chrome as default browser, limit Facebook user data harvesting: ACCC crackdown

Ban Chrome as default browser, limit Facebook user data harvesting: ACCC crackdown
You must be a registered member of iTnews to post a comment.
| Register

Whitepapers from our sponsors

Automate and secure IOT for Business
Automate and secure IOT for Business
Data Science and AI Solutions for Cybersecurity
Data Science and AI Solutions for Cybersecurity
Intro to AI for Security Professionals
Intro to AI for Security Professionals
Digital Transformation: Hope, or Hype?
Digital Transformation: Hope, or Hype?
How to choose a trusted IT provider
How to choose a trusted IT provider

Events

Log In

Username / Email:
Password:
  |  Forgot your password?