Polish telco confirms massive data breach

By on
Polish telco confirms massive data breach

Hackers post 14GB of customer data from Netia.

Poland's second largest telecoms operator Netia has confirmed that hackers stole large amounts of customer data in an attack last week.

The attack was launched on Thursday and impeded access to Netia's main webpage netia.pl until late in the evening, spokeswoman Lidia Marcinkowska said.

She said hackers may have gained access to some of its customer data after they managed to infiltrate two different customer contact forms on Netia's website.

"Netia's customers may be among those people [whose data was accessed]," Marcinkowska said, although the compromised data did not contain any client login or password data.

"Neither customer password nor logins have been accessed and are safe."

She said the data accessed by hackers contained the names of people who filled out forms, along with personal identification numbers as well as bank account numbers.

"Netia will contact every person whose data may have been stolen," Marcinkowska said.

A Twitter account claiming responsibility for the attack posted links to storage sites leading to the databases that contain around 14GB of data from Netia, dating from 2014. 

Information contained in the SQL databases include customer names, email and home addresses, phone numbers and more.

A large log file contained session identifiers associated with customer accounts. That information may allow attackers to establish connections with the Netia website database, without having to authenticate by providing user credentials.

Ukraine's far-right Pravy Sektor party, which is associated with the Twitter account that posted the links to the purloined databases, denied it was involved in the hack.

Pravy Sektor said the Twitter account was a fake and had no connection with the party.

Netia was unable to confirm whether the files posted came from the attack, Marcinkowska said, or pinpoint the country where the attackers were based.

The telco has referred the hack and data breach to the Polish authorities, and warned affected customers not to respond to phishing attempts asking for their personal information.

Tags:
data breach netia privacy security

Most Read Articles

Devastating flaw puts almost every wi-fi network at risk

Devastating flaw puts almost every wi-fi network at risk
NBN Co works to recover cost of network damage

NBN Co works to recover cost of network damage
Subaru key fob vulnerability lets hackers unlock cars

Subaru key fob vulnerability lets hackers unlock cars
Telstra builds 900 machine learning models for marketing overhaul

Telstra builds 900 machine learning models for marketing overhaul
You must be a registered member of iTnews to post a comment.
| Register

Whitepapers from our sponsors

The 5G Business Potential – Industry digitalisation and the untapped opportunities for operators
The 5G Business Potential – Industry digitalisation and the untapped opportunities for operators
Solving IT complexity
Solving IT complexity
Optimising Enterprise Data Centres for the Cloud
Optimising Enterprise Data Centres for the Cloud
Growing companies have a growing interest in technology
Growing companies have a growing interest in technology
RSA NetWitness® Endpoint. Respond 3X Faster to Threats
RSA NetWitness® Endpoint. Respond 3X Faster to Threats

Events

Log In

Username:
Password:
|  Forgot your password?