Summary: The Belgian federal prosecutor is investigating a breach of the State Security Service (VSSE), allegedly linked to Chinese state-backed hackers. The attackers accessed and siphoned roughly 10% of the agency’s emails from an external server used for communication with various governmental bodies. There are concerns over the potential exposure of sensitive personal data belonging to VSSE staff and past applicants, although no evidence of data being sold or ransom demands has surfaced so far.
Affected: Belgian State Security Service (VSSE)
Keypoints :
- Chinese hackers reportedly breached VSSE’s external email server from 2021 to May 2023.
- The compromised server was used for communication with various public administration bodies, raising privacy concerns.
- Belgium has previously experienced cyberattacks attributed to Chinese state-backed groups.
- Investigations reveal that a zero-day vulnerability in Barracuda’s Email Security Gateway was exploited for the attack.
- No evidence has been found of stolen data on dark web forums as of now.
Views: 7