The Public Prosecution Service is investigating a large-scale data theft that has affected several (Dutch) companies and organizations. That makes the OM announced on Friday. A Russian collective called Clop has claimed responsibility for the hacks. From international consultancy companies PWC and EY, the University of California and the American newspaper, among others The Boston Globe are known to be affected. The Public Prosecution Service speaks of a “very large number of companies that have fallen victim worldwide”.
Clop says he owns entire datasets from hundreds of companies and will publish them if they don’t pay. First, the victims can request two or three random files from the hacker collective, as proof that Clop really has the files. After that, the negotiations will begin, according to Clop’s step-by-step plan NRC found on the dark web. If there is no deal after ten days, Clop says to publish the entire dataset. The Public Prosecution Service advises affected companies not to comply with the group’s demands, as this “perpetuates criminal acts”.
Syndicates in Russia
Earlier, several Dutch companies and organizations publicly announced that they had been affected by the hack. So is the Dutch-German one power grid operator Tennet end of May. Many of these companies expressed fears that private customer data may have fallen into the hands of hackers. Affected companies abroad also issued similar warnings. According to the Public Prosecution Service, the High Tech Crime Team of the national police unit “started an investigation immediately after the first report”, in collaboration with “national and international partners”.
According to tech website Wired there is no “direct coordination between the Kremlin and Clop”, but research does show links between the Russian government and so-called “ransomware” groups. According to Wired are the syndicates allowed to operate in Russia as long as they don’t hack Russian organizations.
In the Netherlands, healthcare is generally the most vulnerable sector for hackers. Last year, companies to which Dutch healthcare institutions outsource their ICT were hit by a series of cyber attacks. The medical data of about 900,000 people have been leaked, according to the Dutch Data Protection Authority in their annual data breach report.