Tele2 Web Site Hack Leads to the Identities of 60,000 Norwegians
Technorati Tag: Security Breach
Date Reported:
8/10/07
Organization:
Tele2 (Norway)
Contractor/Consultant:
None
Number Affected:
60,000
Types of Data:
Personal ID number (similar to Social Security number in Norway), name, and address
Breach Description:
Unknown hackers have stolen the confidential information mentioned above through undisclosed vulnerabilities in the Tele2 web site. Up to 60,000 Norwegians are affected by this breach.
Reference URL:
http://news.brisbanetimes.com.au/internet-hackers-steal-confidential-data-on-60000-norwegians/20073511-spc.html
http://www.aftenposten.no/english/local/article1930521.ece
Report Credit:
Kristin Solberg, Aftenposten
Response:
"a weakness on the website of the telephone operators Tele2 to procure the national personal identity numbers and addresses of subscribers, amounting to 1.3 percent of the country's population."
"The head of the data protection agency, Georg Apenes, was surprised to receive in the post a new chip for his mobile telephone from an operator to which he had not subscribed"
[Comfyllama] Georg Apenes is the Director General Datatilsynet Norway, essentially Norway's information security czar. Oops, wrong guy to pick as a victim. This means that the data is being used by the hackers and Tele2 cannot claim that there is no evidence of misuse.
"Agency official Gunnel Helmer said, "We hope that this time someone just wanted to highlight the ease with which identities can be stolen on the Internet."
[Comfyllama] Wishful thinking!
"Tele2, which had been warned several times to make its website more secure"
Commentary:
I have not been successful in finding any more details regarding this breach. It is ironic that Georg Apenes was victimized in the attack. I wonder why in the world was this type of information available through the web site.
Past Breaches:
None since August 2007
Date Reported:
8/10/07
Organization:
Tele2 (Norway)
Contractor/Consultant:
None
Number Affected:
60,000
Types of Data:
Personal ID number (similar to Social Security number in Norway), name, and address
Breach Description:
Unknown hackers have stolen the confidential information mentioned above through undisclosed vulnerabilities in the Tele2 web site. Up to 60,000 Norwegians are affected by this breach.
Reference URL:
http://news.brisbanetimes.com.au/internet-hackers-steal-confidential-data-on-60000-norwegians/20073511-spc.html
http://www.aftenposten.no/english/local/article1930521.ece
Report Credit:
Kristin Solberg, Aftenposten
Response:
"a weakness on the website of the telephone operators Tele2 to procure the national personal identity numbers and addresses of subscribers, amounting to 1.3 percent of the country's population."
"The head of the data protection agency, Georg Apenes, was surprised to receive in the post a new chip for his mobile telephone from an operator to which he had not subscribed"
[Comfyllama] Georg Apenes is the Director General Datatilsynet Norway, essentially Norway's information security czar. Oops, wrong guy to pick as a victim. This means that the data is being used by the hackers and Tele2 cannot claim that there is no evidence of misuse.
"Agency official Gunnel Helmer said, "We hope that this time someone just wanted to highlight the ease with which identities can be stolen on the Internet."
[Comfyllama] Wishful thinking!
"Tele2, which had been warned several times to make its website more secure"
Commentary:
I have not been successful in finding any more details regarding this breach. It is ironic that Georg Apenes was victimized in the attack. I wonder why in the world was this type of information available through the web site.
Past Breaches:
None since August 2007
Posts Atom 1.0
Comments