Russian hackers not only captured names and national registry numbers when they infiltrated servers of Limburg.net. Documents of notaries and courts were also misappropriated by the attackers. That makes the data breach extra dangerous. So says Tim Verheyden, VRT NWS digital media expert.
Limburg.net is a waste management company that operates in 43 municipalities in Flemish Limburg and the Belgian city of Diest. On Wednesday, December 13 last year, the waste processor suffered a cyber attack. In the process, the Russian hacker group Medusa managed to get its hands on personal data of 311,000 Flemish households. It involved names, residential addresses and national register numbers.
Data such as e-mail addresses, telephone numbers, identity card numbers, login information, bank account numbers or bank card numbers were not captured in the attack, a spokesperson confirmed. Also, the hackers managed to obtain documents about Limburg.net's merger with three intercommunal companies in 2005.
Tim Verheyden's investigation reveals that the perpetrators misappropriated much more data. "There are documents leaked from notaries, which are about inheritances, for example. There are also many documents from courts or about living wages. And people are mentioned by name," he said Monday on the program 'De wereld vandaag' on Radio 1.
Combining names, addresses and national registry numbers with this privacy-sensitive information makes the data leak extra dangerous, according to Verheyden. "If you have information about someone's living wage, e-mail address, address ánd national registration number, you can send very targeted phishing mails. I would advise people to keep an extra eye on those mails," he warns.
VRT NWS asked Limburg.net for a comment. The waste management company says that the incident was communicated correctly. A conscious decision was made not to say anything about the court and notary documents: that way, the company wanted to avoid putting affected customers in a negative light. Therefore, the company spoke of "payment and billing data.
Limburg.net sent letters to those affected on Monday. In them, the waste processor tells exactly what data was stolen by the hackers. Data specialists at the company say they are investigating VRT NWS' claim.
Russian hacker group Medusa says on the dark web it is responsible for the attack on Limburg.net. The hacker collective is demanding a $100,000 ransom. If the waste management company refuses to pay, the group threatens to make the captured data public.
Hans Roggen, spokesman for the waste management company, said last week that Limburg.net has no intention of paying the ransom amount. "We have never been in contact with them. This is about extortion. You also don't know for sure if you will get the data back once you pay. After all, they are criminals," he told Belgian media.
