Ransomware Group Targeted Belgian Municipality, But Attacked Police

Ransomware Group Targeted Belgian Municipality, But Attacked Police

The Zwijndrecht police, a local police unit in Antwerp, Belgium, was the source of the data that the Ragnar Locker ransomware group publicized as having been taken from what they believed to be the municipality of Zwijndrecht. Thousands of automobile license plates, penalties, criminal report files, employee information, investigation reports, and more are purportedly among the leaked information.

This kind of information may make people who report crimes or abuse public, which might jeopardize existing law enforcement operations and investigations. According to Belgian media, this data leak—which exposed all information stored by the Zwijndrecht police from 2006 until September 2022—is among the greatest to have affected a public institution in the nation.

In a Facebook post in response to local media coverage, the Zwijndrecht police minimized the event’s significance. They claimed that the hackers had only accessed the network portion that contained administrative data for the police. According to the police, the threat actors could only access information on the administrative network, largely impacting staff. Marc Snels, the chief of police in Zwijndrecht, informed the VRT news network that the data breach was caused by human mistake and that all those exposed are now being contacted to let them know about the situation.

“It is not the case that all data has been leaked. This network mainly contains personal information from our staff, such as personnel lists and photos from personnel parties,” Snels said to local media.

Thousands of individuals still consider the breach on the local Zwijndrecht network noteworthy even though this event did not affect Belgium’s national police network. The attack on Het Laatste Nieuws was first reported by Belgian journalist Kenneth Dée, who also revealed that the threat actors reportedly exploited a Citrix endpoint with weak security to access the police department’s network. Dée’s analysis of the data discovered telecom service subscriber metadata and SMS of individuals under covert police investigation. Additionally, the exposed data include traffic camera footage that reveals people’s whereabouts at particular times and dates.

“This is the largest law-enforcement leak in the history of Belgium and probably the most impactful leak we have ever seen in our country,” said Dée. “It should be a wakeup call for local police and the way they handle citizens’ data, and hopefully, it will set things in motion towards changes on that front.”

Although the prosecutor started a criminal prosecution focusing on the hacking event, the country’s data protection body has not yet declared an inquiry into the issue. Matthias Dobbelaere-Welvaert, a privacy advocate and lawyer from Belgium, advised persons exposed to alter whatever they can, including their license plates, identification cards, passports, and other documents.

About the author

CIM Team

CIM Team

CyberIntelMag is the trusted authority in cybersecurity, comprised of leading industry experts for over 20 years, dedicated to serving cybersecurity professionals. Our goal is to provide a one-stop shop for knowledge and insight needed to navigate throughout today’s emerging cybersecurity landscape through in-depth coverage of breaking news, tutorials, product reviews, videos and industry influencers.