Saturday, November 23, 2024

Sensitive UK police data leaked by ‘Russian hackers’ – media

A cache of sensitive information has been reportedly stolen and leaked by a group of cyber criminals, described by the media as ‘Russian hackers’, from a tech provider working with British law enforcement.

The breach took place in October when tech provider Dacoll came under a phishing attack, the Daily Mail on Sunday reported. The IT company is contracted to handle highly-sensitive material, including access to the police national computer (PNC).

The cyber-criminal group Clop is believed to have gained access to the PNC data, holding records and personal data of some 13 million people, according to the outlet. The hacker group, believed to be of Russian origins, has attacked multiple high-profile targets lately, with Canada-based aircraft maker Bombardier and US-based tech company Accellion believed to be among its victims.

The data stolen from Dacoll includes images of motorists, apparently taken from the National Automatic Number Plate Recognition (ANPR) system, namely close-up images of speeding drivers. It was not immediately clear what other data might have been stolen by the hackers.

After the breach, Clop is said to have demanded ransom from the company. The demand was apparently refused, with the group reportedly leaking some of the data it obtained onto the dark web, as well as threatening to leak more if their demands were not met. The tech provider refused to reveal the scale of ransom demanded, trying to downplay the scale of the breach.

“We can confirm we were the victims of a cyber incident on October 5,” Dacoll said in a statement as quoted by the Daily Mail. “We were able to quickly return to our normal operational levels. The incident was limited to an internal network not linked to any of our clients’ networks or services.”

The breach has been also acknowledged by the British authorities, with the National Crime Agency stating that it has been aiding its investigation. “The agency is aware of an incident affecting Dacoll and we are supporting the investigation,” the agency stated.

Recommended:  Apple fixes exploited iOS, iPadOS zero-day (CVE-2022-42827)

Another government body, the National Cyber Security Centre confirmed the incident as well, stating that it has been working to “fully understand and mitigate any potential impact” of the data breach.

Bookmark
Please login to bookmarkClose
Share the word, let's increase Cybersecurity Awareness as we know it
- Sponsored -

Sponsored Offer

Unleash the Power of the Cloud: Grab $200 Credit for 60 Days on DigitalOcean!

Digital ocean free 200

Discover more infosec

Steven Black (n0tst3)
Hello! I'm Steve, an independent security researcher, and analyst from Scotland, UK. I've had an avid interest in Computers, Technology and Security since my early teens. 20 years on, and, it's a whole lot more complicated... I've assisted Governments, Individuals and Organizations throughout the world. Including; US DOJ, NHS UK, GOV UK. I'll often reblog infosec-related articles that I find interesting. On the RiSec website, You'll also find a variety of write-ups, tutorials and much more!

more infosec reads

Subscribe for weekly updates

explore

more

security