The ransomware attack on the municipality of Buren last April was possible because the hackers had a vendor's login credentials.
The account in question was not equipped with two-factor authentication (2FA). As a result, the attackers had enough with a username and password.
"In our security we follow the guidelines of the Baseline Information Security Government (BIO). After the ransomware attack, the municipality was able to continue immediately because the backup strategy was set up correctly. With regard to monitoring, at the time of the hack, a procurement process was still ongoing that had not yet been completed. Together with the experts, we have now set up the monitoring of systems," said Mayor Josan Meijers.
The cybercriminals posted one hundred and thirty gigabytes of stolen data on the Internet. "Unfortunately, we cannot rule out the possibility of more data surfacing on the darkweb. The municipality is alert to signs of data confidentiality violations as a result of the hack," Meijers explained.
