Government Organization alerts of Limited Data Exposure Following Targeted Assaults
The Land Registry agency in Greece announced this week that it had endured a data security incident in the wake of over 400 cyberattacks on its IT systems in recent days.
According to an official statement from the government organization, hackers managed to compromise employee terminals during the sustained attacks and steal approximately 1.2 GB of internal documents and records.
While the stolen data is said to “not contain any citizens’ personal information”, the attacks represented a violation of the agency’s databases.
Daily Backups Prevent Further Data Loss
The Land Registry revealed that the unauthorized actors attempted to install a malicious user profile to access the central registry database but were unsuccessful in doing so.
One of the daily backups of the database, which are conducted regularly, was accessed by the attackers in their efforts. However, the land registry noted their attempt to exfiltrate the extracted data to an external server was blocked.
Ransomware Deemed Not Involved
An investigation into the security breach by the Land Registry and Cybersecurity Directorate of the National Defense General Staff found no indications that ransomware malware had impacted the breached internal systems. As a precaution, emergency measures were taken such as terminating all VPN connections to the organization’s network.
Mandatory Password Resets and 2FA
In the aftermath, all employee credentials were reset as part of the recovery process. Two-factor authentication was also made mandatory for registry account access going forward in order to strengthen security protections. The last reported cyber attack occurred on July 19th and was thwarted without further system compromise.
Services Maintain Operations
Currently, the Land Registry’s digital services continue operating as usual while the full fallout of the security incident is ongoing. Transactions with citizens have remained uninterrupted, which are regarded as having appropriate safeguards in place. The agency aims to ensure minimal disruption to operations and activities.
Country Has Faced Prior Ransomware Assaults Impacting Critical Infrastructure
Greece has seen other high-profile data breaches and ransomware attacks in recent years. In 2022, the national postal service provider ELTA fell victim to ransomware leading to widespread service outages. Months later, the Ragnar Locker ransomware group targeted Greece’s main gas supplier DESFA, encrypting systems and exfiltrating confidential documents. The land registry breach demonstrates the ongoing risks and challenges public bodies face from sustained digital assaults.
