Violation of the data of the Croatian telephone operator affects 200,000 customers
Croatian mobile telephony operator ‘A1 Hrvatska’ has discovered a data breach in which the personal data of 10% of its users, approximately 200,000 people, were revealed.
The statement did not provide many details except that they suffered a cybersecurity incident that involved unauthorized access to one of their user databases, which contained sensitive personal data.
The type of information accessed includes full names, personal identification numbers, physical addresses, and telephone numbers.
A1 Croatia emphasizes that the data on bank cards or online accounts are not endangered, because the accessible database did not contain that data.
This critical part was confirmed by a computer forensics team that investigated the incident and analyzed the records to determine what was stolen.
A1 Croatia says that they directly inform the users whose data were revealed in this violation.
Meanwhile, Zagreb police have already received criminal charges and are investigating the attack.
“A1 Croatia takes this embarrassing situation extremely seriously and immediately after the first signs of suspicion of unauthorized access to the user base immediately and without delay prevented further unauthorized access and took additional protection measures,” reads the statement. Statement.
“A1 Croatia adheres to the highest security standards and data protection, and we will continue to make additional investments to improve the security environment. A recurrence of this security incident is not possible and has not had and will not affect customer service.”
A1 Croatia is a strategic partner of Vodafone, whose region of Portugal suffered a very devastating cyber attack three days ago, which led to the disruption of 4G and 5G data services.
Strategic partners sometimes share an Internet infrastructure, but in this case a connection seems unlikely, although it cannot be completely ruled out.
The incident does not appear to have affected A1 Croatia’s services or operations, and appears to be a case of unauthorized access to the database, either due to incorrect configuration or stolen credentials.
Bleeping Computer contacted A1 Croatia to find out more about this incident, and we will update this post as soon as we receive a response.