News

Role in the canton of Vaud: sensitive data viewable on the darknet

Photo of Simon Lüthje Simon Lüthje31. August 2021

Following a cyber attack on the municipality of Rolle in the Swiss canton of Vaud, a number of sensitive data on residents and employees have been published on the darknet. The municipality had initially denied the attack, but ultimately admitted to having detected it at the end of May.

Data files on the darknet

The attack became public through the watson.ch platform. The news portal had come across the freely accessible data on the darknet and reported on it. Subsequently, several other media also found the apparently easily accessible data. These include registration data of the municipality’s residents, personal data of the municipality’s employees as well as evaluations of their performance, school reports from the municipality, documents on financial planning and the e-mail box of the former municipality president. Based on the documents found, Watson.ch assumes that the attackers had access to the municipality’s servers over a longer period of time and were able to repeatedly tap into data there.

The municipal administration initially stated to watson.ch that it had no knowledge of an attack on its digital infrastructure. However, when confronted with the publicly available data, the president of the municipality, Monique Choulat-Pugnale, finally admitted that such an attack had been noticed at the end of May. It had been a ransomware attack, presumably made possible by a vulnerability in the operating system used. The municipality did not pay a ransom, as it estimated that the attack was minor and that only emails were hacked that did not contain sensitive data. In addition, all data that had been encrypted during the attack had been restored from backups.

By all accounts, this process of recovery was not easy: it took ten days and was accomplished with the involvement of the federal computer emergency unit, the Vaud cantonal police and an IT company. Informing the public about the actual extent of the attack, which is now known, was not done for tactical reasons on the advice of IT experts, so as not to further increase the municipality’s vulnerability. In the meantime, the municipality has acknowledged a “certain naivety” in dealing with the incident and admitted to having underestimated the impact. A task force has been established to address the crisis, according to community sources.

Vice Society said to be behind attack

Watson.ch believes that the Vice Society group, which mainly attacks small and medium-sized businesses and public institutions, is behind the attack. It is said to have used the PrintNightmare vulnerability, a gap in the Windows printing system, to penetrate the community’s systems.

Tags
Photo of Simon Lüthje Simon Lüthje31. August 2021
Photo of Simon Lüthje

Simon Lüthje

I am co-founder of this blog and am very interested in everything that has to do with technology, but I also like to play games. I was born in Hamburg, but now I live in Bad Segeberg.

Related Articles

solana

Cyberattack on Solana: millions in cryptocurrency captured

4. August 2022
Hackerangriffe

Hacker attacks on German electricity suppliers: trail leads to Russia

29. July 2022

Killnet: Russian hacker group with attacks against targets in the West

23. May 2022

Stalker Online – Player data published in hacker forums

27. June 2020

No replies yet

Beginne die Diskussion →

Neue Antworten laden...

Avatar of Basic Tutorials
Basic Tutorials

Gehört zum Inventar

8,152 Beiträge 2,109 Likes
Angeheftet Aug 31, 2021

Following a cyber attack on the municipality of Rolle in the Swiss canton of Vaud, a number of sensitive data on residents and employees have been published on the darknet. The municipality had initially denied the attack, but ultimately admitted to having detected it at the end of May. Data files on the darknet The … (Weiterlesen...)

Antworten Like

Beteilige dich an der Diskussion in der Basic Tutorials Community →

Back to top button