Saturday

19th Oct 2019

Hackers dump EU staff passwords and credit card details onto net

A number of people working for the EU institutions have had their emails, passwords and credit card details hacked and released to the general public over the Christmas break.

A partial list was recently published online by Anonymous, a loose network of cyber activists campaigning against the so-called 'New World Order'.

Read and decide

Join EUobserver today

Support quality EU news

Get instant access to all articles — and 18 year's of archives. 30 days free trial.

... or join as a group

  • Confidential details of EU institution staff were hacked and released (Photo: MyTudut)

Among the victims are administrators and officials at the European Commission, Eurojust (an EU body fighting organised crime), the European External Action Service, the European Parliament and Brussels-based think-tank the European Policy Centre (EPC).

Some have yet to be informed of the breach.

EUobserver on Monday (9 January) spoke to EPC analyst Amanda Paul who was unaware that her credit card number, password, mobile telephone number, mail address and email are floating in the public domain.

This website read her credit card number to her over the phone to confirm authenticity. After a very brief phone interlude, she promptly called her credit card company to cancel her card and change her email password.

All together, some 850,000 confidential details were released when Anonymous hacked into the Texas-based Stratfor Global Intelligence security firm.

Stratfor is a widely used private security research company. About 75,000 of its paying subscribers also had their credit card details disclosed, including some working for the EU institutions.

The leaked database has 19,000 email addresses ending in the .mil domain of the US military according to the Guardian newspaper. The list also included 242 Nato staff members.

"This company has suffered a blow to its reputation," Andreas Hartmann of the European Parliament's policy department on Citizens' Rights and Constitutional Affairs told this website.

Hartmann's confidential details were also breached, but he said "numerous actors" immediately informed him. He would not go into further detail.

"I immediately blocked my account. I didn't suffer any problems," he said, adding that he was satisfied by Stratfor's prompt response and communication on the matter.

Last year, Hartmann headed a study on the parliamentary oversight of security and intelligence agencies in the European Union.

For his part, Fred Burton, Stratfor's vice president of intelligence made a YouTube address on 28 December assuring paid subscribers they would be informed of the breach with details on how to protect their data. The company's website is still offline and has since been replaced by a page informing customers they will be entitled to a free one-year data identity coverage from a partner firm as compensation.

"Perhaps the reason Stratfor's taking its time to get back online is because they simply have no infrastructure anymore," anonymouSabu, one of the alleged masterminds behind Anonymous, tweeted on Saturday (7 January). According to Anonymous, the details were easily hacked because Stratfor did not run routine encryption on the data.

The entire operation could cast a long shadow over intense US lobbying against a leaked draft proposal for a Data Protection Regulation from the European Commission this past December.

Among the US complaints are the European Commission's views on data breach requirements, which they consider as "overly" severe and could undermine corporate data security practices.

"It is interesting to note that the US document tends to oppose specific proposals, such as the notification deadline and fines, in support of the vague issues such as not distracting businesses from improving corporate data security practices," wrote Joe McNamee in an email to EUobserver.

McNamee is an EU advocacy co-ordinator at European Digital Rights.

Public consultation of the draft ends on 15 January, with European Commissioner Viviane Reding, in charge of fundamental rights, expected to release a final draft of the directive before the end of the month.

A previous version of this article gave Andreas Hartmann of the European Parliament's policy department on Citizens' Rights and Constitutional Affairs the wrong job description. This mistake has since been corrected.

EU firms among targets in epic-scale hack

An unnamed state actor, believed by some experts to be China, has plundered data from three EU companies, on top of 69 other victims worldwide.

Hackers stole Van Rompuy's emails

Hackers last summer raided the emails of EU Council chief Herman Van Rompuy and 10 other senior EU officials.

EU parliament blocks websites 'to protect' staff

The EU parliament is routinely blocking websites such as Reddit or even the BBC in what internet security experts see as an exaggerated response to a virus which uses social networks.

News in Brief

  1. Macron: Nato's inability to react to Turkey a 'mistake'
  2. EU: US can expect counter measures after tariff move
  3. Almost 7,500 people forcibly returned to Libya in 2019
  4. Puigdemont released after responding to arrest warrant
  5. Commission: Facebook's Libra needs international approach
  6. Italian PM: denial of accession talks a 'historic mistake'
  7. Catalan president blames clashes on 'infiltrators'
  8. US imposes €6.7bn new tariffs on European products

Stalling on VAT reform costing billions, says Commission

German media outlet Correctiv, along with other newsrooms, have revealed how criminals annually cheat EU states out of billions in VAT fraud. The EU Commission says solutions exist - but member states refuse to budge on tax unanimity.

Stakeholders' Highlights

  1. Nordic Council of MinistersBrussels welcomes Nordic culture
  2. UNESDAUNESDA appoints Nicholas Hodac as Director General
  3. UNESDASoft drinks industry co-signs Circular Plastics Alliance Declaration
  4. FEANIEngineers Europe Advisory Group: Building the engineers of the future
  5. Nordic Council of MinistersNew programme studies infectious diseases and antibiotic resistance
  6. UNESDAUNESDA reduces added sugars 11.9% between 2015-2017
  7. International Partnership for Human RightsEU-Uzbekistan Human Rights Dialogue: EU to raise key fundamental rights issues
  8. Nordic Council of MinistersNo evidence that social media are harmful to young people
  9. Nordic Council of MinistersCanada to host the joint Nordic cultural initiative 2021
  10. Vote for the EU Sutainable Energy AwardsCast your vote for your favourite EUSEW Award finalist. You choose the winner of 2019 Citizen’s Award.
  11. Nordic Council of MinistersEducation gets refugees into work
  12. Counter BalanceSign the petition to help reform the EU’s Bank

Stakeholders' Highlights

  1. UNICEFChild rights organisations encourage candidates for EU elections to become Child Rights Champions
  2. UNESDAUNESDA Outlines 2019-2024 Aspirations: Sustainability, Responsibility, Competitiveness
  3. Counter BalanceRecord citizens’ input to EU bank’s consultation calls on EIB to abandon fossil fuels
  4. International Partnership for Human RightsAnnual EU-Turkmenistan Human Rights Dialogue takes place in Ashgabat
  5. Nordic Council of MinistersNew campaign: spot, capture and share Traces of North
  6. Nordic Council of MinistersLeading Nordic candidates go head-to-head in EU election debate
  7. Nordic Council of MinistersNew Secretary General: Nordic co-operation must benefit everybody
  8. Platform for Peace and JusticeMEP Kati Piri: “Our red line on Turkey has been crossed”
  9. UNICEF2018 deadliest year yet for children in Syria as war enters 9th year
  10. Nordic Council of MinistersNordic commitment to driving global gender equality
  11. International Partnership for Human RightsMeet your defender: Rasul Jafarov leading human rights defender from Azerbaijan
  12. UNICEFUNICEF Hosts MEPs in Jordan Ahead of Brussels Conference on the Future of Syria

Join EUobserver

Support quality EU news

Join us