3.7 C
London
Wednesday, February 12, 2025

Data leak in EuroCert. It included, among others, PESEL numbers

Must read

- Advertisement -


EuroCert, which provides services including qualified signatures, announced on Thursday that it had fallen victim to an attack by cybercriminals. As a result, data of clients, contractors and employees was leaked, including PESEL numbers and ID card numbers. NASK confirmed that the attack had been reported.

In a statement published on its website, EuroCert said that the ransomware attack took place on January 12 at night. “It led to a breach of personal data protection through a malware attack that encrypted files stored on our servers,” the company's representatives clarified.

Customer data leaked

The company announced that personal data leaked, including: customers, contractors and employees. It was added that it was about: identification data, contact details (e-mail address, telephone number), PESEL numbers, names and surnames, dates of birth, data regarding ID cards (series and number) – as well as images and usernames and passwords.

- Advertisement -

The qualified electronic signature offered by EuroCert has the legal force of a handwritten signature in electronic document circulation – we read on the company's website. When submitted using a certificate, it enables unambiguous identification of the natural person signing the signature.

The company's representatives stated that “the incident is currently the subject of activities carried out by the Police and CERT Polska.” The leak was also reported to the President of the Personal Data Protection Office. Its scale was not given.

“EuroCert sp. z o. o. makes every effort to minimize the effects of the attack and restore full functionality of IT systems as soon as possible,” the company assured.

Systems are being restored

NASK – the National Research Institute told PAP that “EuroCert is in no way related to CERT Polska, the security incident response team operating at the NASK institute.” NASK also confirmed that the attack was reported to CERT Polska, and specialists from this team initiated actions “in cooperation with the entity affected by the attack, with the relevant services and law enforcement authorities.”

“The systems are currently being restored to full operation. The attack vector will be the subject of further findings, which will help reduce similar risks in the future,” NASK added.

High risk of data being made public

The Institute emphasized that “the risk of data being made public is high” and reminded that every person whose data has been leaked or is in the possession of cyber criminals should “be prepared and aware that cyber fraudsters may want to use this data.” Such people should also be vigilant in relation to incoming messages, e-mails and telephone calls. They should also “verify their sender at the source”.

NASK also reminds you about the possibility of using the service of blocking your PESEL number. This can be done, among others: via the mObywatel application, which – as the institute pointed out – will help minimize the risks associated with unauthorized use of data, e.g. in a bank.

EuroCert

EuroCert has been operating on the market since 2012 and is one of five companies in Poland that provides qualified trust services based on the status granted to it by the National Certification Center of the NBP, which the company writes about in its social media. It offers, among others: electronic signatures, seals and timestamps. It provides services throughout the country in direct sales, online sales, and through a network of nearly 400 authorized partners. Its clients include public entities and companies, including: The Capital City of Warsaw, Polish State RailwaysPoczta Polska, Scania, Warbud, IBM, UNIQA.

Main photo source: Shutterstock



Source link

More articles

- Advertisement -

Latest article