Orange Suffers Data Leak After Extortion Attempt

Orange Suffers Orange Group , one of Europe’s largest telecommunications companies, has confirmed a data leak that exposed thousands of internal documents from its Romanian subsidiary.

The attack compromised sensitive employee and customer information. Among the exposed data were:

380,000 email addresses
Source code of internal systems
Invoices, contracts and administrative records

The hacker responsible exploited compromised credentials and exploited flaws in the Jira software to access Orange’s systems. He remained on the network for over a month undetected and then exfiltrated approximately 6.5 GB of data in just three hours .

Hackers Invade Ivinhema City Hall and Demand a Ransom of US$ 1 Million

On 02/03, cybercriminals invaded the systems of the City Hall of Ivinhema (MS) and compromised the Taxation and Accounting departments .

Hackers accessed and stole personal recent mobile phone number data data from taxpayers , such as: Full name, CPF, ID, Address, telephone number, Date of birth and marital status.

After the attack, the attackers demanded a ransom of US$1 million to prevent the data from being disclosed. As a result of the hack, the Electronic Invoice issuance services and the IPTU online platform were interrupted.

In light of the incident, the city government issued a warning to the public about the risk of fraud. In addition, it advised citizens to be wary of suspicious messages requesting personal information. Technical teams then began restoring systems and implementing security measures to prevent further attacks.

Federal Justice Intern Arrested for Leaking Data to Criminal Gang

The Federal Police arrested a Federal Justice intern , a Law student in her 8th semester , accused of passing on confidential information to a criminal faction .

Investigations revealed that she accessed digital marketing services: take off your business the system at least three times to extract confidential data. During the operation, agents seized two computers and cell phones for analysis.

The intern will face charges of: Association with drug trafficking , Criminal organization and Violation of functional secrecy .

This case highlights the importance of access control and strict monitoring of internal users in government systems. This can prevent the misuse of confidential information, as leaks of such data can compromise investigations and public safety. In addition, companies and institutions must reinforce security policies to prevent unauthorized access and protect confidential information.

STJ Suffers Attack and Goes Offline for 48 Hours

The Superior Court of Justice (STJ) website faced instability and was offline for around 48 hours , following a cyber attack that occurred on Monday, March 3.

Despite the outage, internal systems were  betting email list  not compromised , according to a statement from the court. To mitigate the attack, the technical team activated access validation mechanisms , differentiating legitimate users from possible intrusion attempts.

In addition to the STJ, other government bodies also faced instability , including: National Council of Justice (CNJ) and Petrobras .

 

LaLiga Fined €1 Million for Misuse of Biometric Recognition

The Spanish Data Protection Agency (AEPD) has fined LaLiga 1 million euros for the inappropriate use of biometric recognition when accessing football stadiums.

In addition to the fine, the agency ordered the temporary or permanent suspension of this technology until the entity carries out a valid data protection impact assessment .

In its defense, LaLiga claimed that responsibility for processing data lies with the clubs and that the regulations had been approved by the Higher Sports Council .

The Importance of DPO as a Service in Data Protection

Recent cases of data leaks, cyber attacks and misuse of personal information demonstrate that companies and public bodies need to reinforce their privacy and information security policies .

DPO as a Service emerges as an effective solution for organizations seeking compliance with LGPD and other data protection standards. With this service, it is possible to:

Implement good security practices
Reduce risks and prevent penalties
Continuously monitor to prevent attacks and leaks
Ensure greater reliability in systems

Neglecting information security can result in severe penalties and irreparable damage to the company’s reputation . In addition, it can lead to the loss of customers and compromise the credibility of the business.

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top