According to the Estonian Information System Authority – also known by its Estonian acronym, RIA – three Estonian ministries reported cybersecurity incidents in November that resulted in significant breaches of personal data.
The three ministries were the economy ministry, the foreign ministry and the social affairs ministry.
“The affected ministries have been working with RIA to analyse the attack vectors of the breach and contain the intrusions. The three attacks bear similarities as all were directed toward the web server infrastructure,” RIA said in a statement.
The information stolen from the social affairs ministry included data regarding the containment of infectious diseases, affecting 9,158 people. The Health and Welfare Information Systems Centre was able to restrict access to its systems within eight hours. The Estonian Health Board will be contacting the people affected in the near future, RIA said.
The incidents also affected multiple servers at the economy ministry.
“Despite the seriousness of the incidents there is no threat of disruption of state services. To help counter the threat we have engaged experts from the public and private sector. Now that the initial mitigation efforts are done, we need to work together across the country to keep such attempts from being successful,” Raul Rikk, the head of cybersecurity policy at the economy ministry, said in a statement.
Serious breaches, but the situation is under control
In the incident concerning the foreign ministry, a database containing information already accessible to the public was copied but no restricted documents or sensitive personal information were retrieved, according to RIA.
“We consider these breaches serious,” Lauri Aasmann, the director of cyber security at RIA, said. “The situation is under control as of now. We have informed our partners in the public and private sector about details of these incidents which will help secure against similar attempts in the future. RIA will continue to assess the incidents. We have notified the vendors of these vulnerabilities and patches are already available.”
The police have commenced an investigation regarding unlawful access to computer systems. The investigation is being led by the Office of the Prosecutor General.
RIA has compiled the initial details of the incident and shared its recommendations with IT security experts at Estonian public sector institutions and with operators of vital services.