Hackers steal user database from European telecommunications standards body

Siva Ramakrishnan
A nonprofit institution for developing communications standards said hackers have stolen a database identifying its users.

A nonprofit institution for developing communications standards said hackers have stolen a database identifying its users.

The European Telecommunications Standards Institute (ETSI) announced the incident last week. It is not yet clear whether the attack was financially motivated or if the hackers had intended to acquire the list of users for espionage purposes.

Following the incident, ETSI, which is based in the Sophia Antipolis technology park in the French Riviera, said it brought in France’s cybersecurity agency ANSSI “to investigate and repair the information systems.”

The nonprofit said the “vulnerability on which the attack was based has been fixed,” although it did not identify the vulnerability. A spokesperson declined to clarify whether this had been a known vulnerability or a zero-day at the time of the attack.

“Under the guidance of ANSSI experts, ETSI has fixed the vulnerability, undertaken additional security actions and significantly strengthened its IT security procedures. Following this incident, ETSI asked their online service users to change their passwords,” the institution stated.

A judicial inquiry — effectively the investigation phase of criminal proceedings in France — is underway, and the French data protection authority has been informed of the data breach, said ETSI.

In the statement on the institution’s web page, the director-general Luis Jorge Romero described the hack as a “crisis” and thanked ANSSI for helping the body “determine the remedial actions to be taken, and to strengthen the security of our systems.”

ETSI has more than 900 member organizations from over 60 countries, including “large and small private companies, research entities, academia, government and public organizations.” It’s unclear what information about them was in the stolen database.

Telecommunications standards are a fraught topic internationally. As articulated by Ian Levy, the former technical director of Britain’s National Cyber Security Centre, these standards encode social values and have a material impact on the ways our society functions.

Last year, diplomats and industry representatives gathered in the Romanian capital of Bucharest to elect officials running the U.N.’s International Telecommunications Union, an obscure agency that has over the past decade become one of the most vigorously contested parts of the international system.

Despite anxieties about the direction of the vote amid the backdrop of the war in Ukraine, the U.S. contender to lead the agency defeated their Russian rival by a surprising landslide vote.

Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.

No previous article

No new articles

Alexander Martin is the UK Editor for Recorded Future News. He was previously a technology reporter for Sky News and is also a fellow at the European Cyber Conflict Research Initiative.


Leave a Reply

Your email address will not be published. Required fields are marked *

Previous Post

U.K. Royal Family Website Faces Cyber Siege: A Close Look at the DDoS Attack

Next Post

Cisco warns of attempted exploitation of zero-day in VPN software

Related Posts

Hackers Hijack GitHub Accounts in Supply Chain Attack Affecting Top-gg and Others

Unidentified adversaries orchestrated a sophisticated attack campaign that has impacted several individual developers as well as the GitHub organization account associated with Top.gg, a Discord bot discovery site. "The threat actors used multiple TTPs in this attack, including account takeover via stolen browser cookies, contributing malicious code with verified commits, setting up a custom
Jason Macuray
Read More

FBI Warns U.S. Healthcare Sector of Targeted BlackCat Ransomware Attacks

The U.S. government is warning about the resurgence of BlackCat (aka ALPHV) ransomware attacks targeting the healthcare sector as recently as this month. "Since mid-December 2023, of the nearly 70 leaked victims, the healthcare sector has been the most commonly victimized," the government said in an updated advisory. "This is likely in response to the ALPHV/BlackCat administrator's
Read More