Hackers Steal Database of Users from the European Telecommunications Standards Institute

Unknown hackers hit the European Telecommunications Standards Institute (ETSI) portal and likely stole a database containing a list of their online users.

Not all attacks target a company’s or institution’s infrastructure only to deploy ransomware, even if that might always be the case if we pay attention to all the stories popping up in the media. Sometimes, hackers will simply try to exfiltrate information, as was the situation with the ETSI incident.

Unknown attackers found a vulnerability in ETSI’s portal and exploited it to download a database containing the online users.

“ETSI believes the database containing the list of their online users has been exfiltrated,” said the agency in a press release. “Since the attack and under the guidance of ANSSI experts, ETSI has fixed the vulnerability, undertaken additional security actions and significantly strengthened its IT security procedures. Following this incident, ETSI asked their online services users to change their passwords.”

The agency also notified the French Data Protection Authority (CNIL) as required by the General Data Protection Regulation (GDPR).

The ETSI IT team collaborated closely with the French National Cybersecurity Agency (ANSSI) to repair the affected systems, identify the vulnerability and apply the necessary fixes.

“The shutdown challenged our working procedures and IT systems and we managed to ensure business continuity for both our staff and our members whilst limiting the risks. They were able to keep working without disturbance during that period,” also said Luis Jorge Romero, ETSI Director-General.

More than 900 member organizations worldwide, drawn from over 60 countries, are part of ETSI. The institute's role is to support the timely development, ratification and testing of globally applicable standards for ICT-enabled systems, applications and services.