Security News Helsinki suffers data breach after hackers exploit unpatched flaw

Gandalf_The_Grey

Level 78
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
6,770
The City of Helsinki is investigating a data breach in its education division, which it discovered in late April 2024, impacting tens of thousands of students, guardians, and personnel.

Though information about the attack was circulated on May 2, 2024, the city's authorities shared more details in a press conference earlier today.

According to the details disclosed today, an unauthorized actor gained access to a network drive after exploiting a vulnerability in a remote access server.

While the officials did not state what remote access product was targeted, they shared that a security patch for the vulnerability was available at the time of the attack but had not been installed.

The accessed drive contained tens of millions of files, most devoid of personally identifiable information (PII). Still, some included usernames, email addresses, personal IDs, and physical addresses.

Additionally, the exposed drive contained information about fees, childhood education and care, children's status, welfare requests, medical certificates, and other highly sensitive information.

"This is a very serious data breach, with possible, unfortunate consequences for our customers and personnel. We regret this situation deeply," commented city manager Jukka-Pekka Ujula.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top