Polish telecom Netia suffered a major data breach following an attack that allowed hackers gain access to 14GB of customer data. Following the incident, which took place on July 7, the company's website was down until later that day.
Netia owns Poland's second largest fixed phone line, and provides TV, Internet and mobile telephony services to its customers. The company says it operates a fibre network with a length of about 14,000 km.
Lidia Marcinkowska, a spokesperson for Netia, told SCMagazineUK.com that, following the latest attack, the Polish operator decided to establish cooperation with an outside team of IT experts. The team is currently advising Netia on additional security measures that could prevent a similar incident in the future, according to the spokesperson.
“The team is currently working on optimising the existing measures. At this stage, we would prefer not to disclose further details on these works,” Marcinkowska said. “To date, Netia has been using security measures which comply with the highest standards and best practices.”
Netia said in a statement that the incident involved “unlawful access to personal data that [our customers] inserted through forms on the website netia.pl”, but that, despite the attack, “the passwords and logins to the self-service NetiaOnline webportal are secure, and, as a result, customers do not need to take any additional actions.”
Tony Pepper, the chief executive of Egress Software Technologies, highlights the need to provide encrypted web forms to halt such attacks.
"While most organisations are cottoning on to the need to encrypt customer data when it is being shared by mechanisms such as email, for some reason web forms often slip under the radar," Pepper said. "By and large, they are often submitted in plain text, unencrypted. This is despite the fact they are often used to share private and potentially sensitive information, such as: age, address or even bank details (as in this case). What's more, submitted information is sometimes at risk of then being held in an insecure environment."
A Twitter account whose owners associate themselves with Ukrainian ultra-nationalist Right Sector party claimed responsibility for the attack and published links to storage services where some of the stolen data was uploaded. In mid-July, the same account said it gained access to classified information from the servers of the Polish Ministry of Defence. The ministry said the breached data was not classified, and that the cyber-attack targeted a non-classified database that has not been updated since 2012.
Right Sector is a far-right party that opposes Russia's military intervention in eastern Ukraine, but also Ukraine's cooperation with the European Union and NATO.
Meanwhile, local industry observers say that Polish companies need to upgrade their cyber-security measures, but that many players lack the necessary strategic thinking that should guide such efforts.
“We must remember that the process of increasing cyber-security is not a one-time undertaking, but an evolution that must last,” Dariusz Włodarczyk, an IT security expert at Hestia Loss Control, told SCMagazineUK.com. “First of all, we must determine what kind of systems we're already using, what are our capacities and how we can effectively use our existing assets. Only after this stage, are we ready to consider purchasing additional countermeasures.”
“The key to an increased resistance to infectons and hacking attacks is the process of continued improvement,” Włodarczyk said.
Netia posted revenues of more than PLN 1.57 billion (£299 million) for 2015. The company's main shareholders include local investment fund FIP 11 FIZAN, with a 20.04 percent stake, Mint of Poland, with 15.88 percent of the shares, and SISU Capital, with a stake of 12.73 percent.