Polish telco confirms massive data breach

By on
Polish telco confirms massive data breach

Hackers post 14GB of customer data from Netia.

Poland's second largest telecoms operator Netia has confirmed that hackers stole large amounts of customer data in an attack last week.

The attack was launched on Thursday and impeded access to Netia's main webpage netia.pl until late in the evening, spokeswoman Lidia Marcinkowska said.

She said hackers may have gained access to some of its customer data after they managed to infiltrate two different customer contact forms on Netia's website.

"Netia's customers may be among those people [whose data was accessed]," Marcinkowska said, although the compromised data did not contain any client login or password data.

"Neither customer password nor logins have been accessed and are safe."

She said the data accessed by hackers contained the names of people who filled out forms, along with personal identification numbers as well as bank account numbers.

"Netia will contact every person whose data may have been stolen," Marcinkowska said.

A Twitter account claiming responsibility for the attack posted links to storage sites leading to the databases that contain around 14GB of data from Netia, dating from 2014. 

Information contained in the SQL databases include customer names, email and home addresses, phone numbers and more.

A large log file contained session identifiers associated with customer accounts. That information may allow attackers to establish connections with the Netia website database, without having to authenticate by providing user credentials.

Ukraine's far-right Pravy Sektor party, which is associated with the Twitter account that posted the links to the purloined databases, denied it was involved in the hack.

Pravy Sektor said the Twitter account was a fake and had no connection with the party.

Netia was unable to confirm whether the files posted came from the attack, Marcinkowska said, or pinpoint the country where the attackers were based.

The telco has referred the hack and data breach to the Polish authorities, and warned affected customers not to respond to phishing attempts asking for their personal information.

Got a news tip for our journalists? Share it with us anonymously here.
Tags:
data breach netia privacy security
In Partnership With

Most Read Articles

Service NSW turfs Windows OS for Chrome

Service NSW turfs Windows OS for Chrome
TPG files proposals for almost one third of 4G network

TPG files proposals for almost one third of 4G network
Telstra starts publishing 'average' NBN speeds

Telstra starts publishing 'average' NBN speeds
TPG joins Telstra in showing NBN fixed wireless speeds

TPG joins Telstra in showing NBN fixed wireless speeds
You must be a registered member of iTnews to post a comment.
| Register

Whitepapers from our sponsors

Managed Security Service Providers for Dummies
Managed Security Service Providers for Dummies
The Cost of Cloud Expertise report
The Cost of Cloud Expertise report
The business case for hyperconvergence
The business case for hyperconvergence
What Every CIO Should Know about DevOps & Container Guides by Puppet
What Every CIO Should Know about DevOps & Container Guides by Puppet
The 5G Business Potential – Industry digitalisation and the untapped opportunities for operators
The 5G Business Potential – Industry digitalisation and the untapped opportunities for operators

Events

Log In

Username / Email:
Password:
  |  Forgot your password?