Share

Related Links

Top 5 Stories

News

Hackers levy an ‘idiot tax’ on Belgian bank

03 May 2012

“While this could be called 'blackmail,' we prefer to think of it as an 'idiot tax' for leaving confidential data unprotected on a Web server,” announces an unidentified hacker group in a news statement on Pastebin.

Last week a group of hackers accessed the servers of Elantis, a mortgage and consumer credit unit of the Belgium-based Dexia bank (recently rebranded as ‘Belfius’). According to their Pastebin announcement , the hackers downloaded “database tables containing data such as internal login credentials” and “numerous tables which contain Internet loan applications, as well as fully-processed applications.”

Getting hacked is now an occupational hazard for any website, and many security experts say that once targeted, it is inevitable. However, what will concern regulators is the hackers’ claim that “this data was left unprotected and unencrypted on Elantis' servers.” The hackers are demanding payment of ‘the equivalent of roughly €150,000’ before tomorrow, Friday 4th May.

Belfius has not denied the breach, but stresses that the Elantis servers (taken off-line by the bank following the breach) are separate to the Belfius bank servers. In a statement to Reuters, spokeswoman Monique Delvou said the data concerned was information entered by individuals or brokers seeking mortgages or consumer credit. She says the information cannot be used to commit fraud, although the claims of the hackers, and sample posted by them, suggests they have obtained full names, email addresses, job descriptions, ID card numbers, contact information and income details.

Belfius states that it will not respond to blackmail, and that it has filed a complaint with the police. ‘People whose data was possibly seen will receive a letter with information and our apologies,’ said Delvou.

This article is featured in:
Internet and Network Security

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies. ×