The State Data Protection Inspectorate (VDAI) has opened an investigation into the leak of customer data from the alio.lt advertising portal and the verslilietuva.lt website.
During the investigation, the data security measures used by the portal managers will be assessed, the inspection said.
“VDAI has already initiated investigations on its own initiative regarding a possible breach of data security in the organizations, so individual complaints from individuals will not be considered. The decisions taken will be announced publicly once the investigation completed,” the report said.
Alio.lt user data may have been leaked due to a cyberattack, during which an attempt was made to remove 345,000 user data from the portal database – an attempt was made to guess user IDs and phone numbers, the portal reported Thursday.
It is stated that extremely sensitive information – bank account, payment card data, personal codes, personal addresses – was not stored and stored in the alio.lt database.
The exact hackers are unknown, but it is speculated that it could be another Russian attack on Lithuania’s IT space.
The portal informed users about the cyberattack, deleted their passwords, they are recommended to change passwords for social networks or other accounts, because hackers can try to guess the passwords of others accounts with the old alio.lt password.
The advertising portal alio.lt belongs to the Estonian company “Ekspress Grupp”, which also operates the information portal “The Postedia”. It is stated that the information infrastructures of alio.lt and delfi.lt are separate, so there is no threat to delfi.lt users.
During the incident on the verslilietuva.lt website, data such as names, surnames, e-mail addresses, telephone numbers, addresses, passwords for logging into the calculator may have been leaked.
Site administrators reported the data breach incident in late June.
“The website was hacked and customers who were using a business plan financial calculator were stolen. Customer payment data and other financial data were not collected and were not stolen,” says the report published by verslilietuva.lt.
The website is managed by the Innovation Agency, the incident is associated with cyberattacks directed against Lithuanian institutions.
Lithuanian public institutions, businesses, private companies and online media have recently been victims of so-called Distributed Denial of Service (DDoS) attacks. According to Lithuanian officials, the Killnet group, linked to Russian intelligence, claimed responsibility.
Source: The Delfi
James Robert is a health journalist for The Postedia. With a background in medicine and a deep understanding of current health issues, James provides informative and trustworthy coverage of the latest developments in the field of health.