Population screening Netherlands warns the victims of the data breach this week by letter that they should be careful for fraud. The extent of the data that have been stolen is responsible for experts, they say to Nu.nl. “Every conceivable form of fraud is possible with this.”
At the data breach of Laboratory Clinical Diagnostics, data was stolen from at least 485,000 people who participated in the population screening for cervical cancer. In addition, personal information such as names, addresses, social security numbers and test results have been captured. What can you expect – and what should you be careful – if you belong to the victims?
According to Rejo Zenger, policy advisor of Stichting Bits of Freedom, it is a “particularly fierce” leak, because it is a combination of a lot of and sensitive data, he explains to NU.nl. The question is what the hackers want to do with it.
According to Zenger, there are always two options. The first is to use the stolen data to put pressure on the source, as has already happened at Clinical Diagnostics. The hacker has threatened to publish the captured data of the more than 485,000 patients on the Darweb if Clinical Diagnostics does not pay. To show that it is serious, the data of 53,516 people have already been placed.
The second option is that Hackers focus on the persons whose data has been leaked. If you have been told by letter that your data was stolen, you could also be extorted in theory. This can be done by the hackers themselves, or by other cyber criminals who have found your data via the Darweb.
But with all the data that has been captured, “every conceivable form of fraud” is possible, says Marianne Junger. She is emeritus professor of cyber security at the University of Twente. “For example, think of identity fraud, where someone can occur with your data as someone else.”
This mainly concerns the combination of different data. For example, with a social security number only, hackers can do little. But the possibilities are for the taking if a name or address is also linked to it.
‘Risks depend on creativity cyber criminals’
It depends very much on the “creativity” of the cyber criminals how to abuse the stolen data, says Daan Keuper, security specialist at online security company Computest. “Often these malicious parties have several operations at the same time and they want to earn as much money as possible in a short time. So it doesn’t have to take too much time.”
The cyber security experts therefore point out to all three that the victims must be vigilant for phishing. That is a form of internet fraud in which criminals occur in an email or SMS message as a person, company or body. The goal is to collect more information about you or to get rid of money. You are often asked to click on a link, log in something or transfer money.
“And the more data they have from you, the more realistic such an email or SMS looks like,” says Junger. Normally you can recognize fake emails by spelling errors or a striking question. But if they have your full name, address, social security number and even medical information, you can quickly think that an email really comes from, for example, the Netherlands in the Netherlands, she explains.
“It could therefore just be that affected people get a false reminder of the population screening,” adds Zenger from Bits of Freedom. “While the population screening is free.”
‘Risk for fraud is not smaller’
In addition to Phishing, Junger also sees other risks for victims. Since addresses have also been leaked, malicious parties could come to the door for a so -called chat trick. “And if telephone numbers have also been leaked, people can be called by someone who presents himself as a bank employee. If he knows all your data, that is very credible.”
So pay attention in the coming period for the recipients of the letter. Although that actually applies to everyone, Keuper emphasizes. “Many people have probably leaked data, since we leave data in so many places. But the people who participated in the population screening have a reason to be extra sharp.”
In addition, he points out that it is not just about the coming weeks or months. Once data is made available at the Darweb, chances are that it will continue to float there or are already in the hands of other cyber criminals. “The risk of fraud therefore does not suddenly become smaller within the foreseeable future.”
Population screening Netherlands (Population Screening Netherlands) is Warning the Victims of the Data Breach This Week by Letter That They Should Be Wary Of Fraud. The Extent of the Data That has Stolen Worries Experts, They Tell Nu.nl. “Every Conceivable Form of Fraud is Possible with this.”
In the Data Breach at the Clinical Diagnostics Laboratory, Data was stolen from at Least 485,000 people who participated in the population screening for Cervical Cancer. This Included Personal Data Such As Names, Addresses, Social Security Numbers, And Test Results. What can you expect – and what should you watch out for – if you are among the victims?
Accordance to Rejo Zenger, Policy Advisor at the Bits of Freedom Foundation, IT is a “particularly Severe” Leak, because it Concerns A Combination of a Lot of Sensitive Data, He explains to nu.nl. The Question is what the hackers because to do with it.
Accordance to Zenger, there are Always Two Options. The First is to use the Stolen Data to Put Pressure on the Source, As has already happened with clinical diagnostics. The Hacker has threated to publish the Stolen Data of More than 485,000 patients on the dark web if clinical diagnostics does not pay. To show that they mean business, the data or 53.516 people have already legs.
The Second Option is that hackers target the individuals whose data has leaked. If you have recurred a letter stating that your data has been stolen, you could theoretically be blackmailed. That can be done by the hackers Themselves, or by other cybercriminals who found your data via the dark web.
But with all the data that has stolen Been, “Every Conceivable Form of Fraud” is Actually Possible, Says Marianne Junger. She is an emeritus professor of cyber security at the University of Twente. “Think, For Example, or Identity Fraud, Where Someone Can Use Your Data To Imponate Someone Else.”
It is Mainly about the Combination of Different Data. Hackers can do little with just a social security number, for example. But the possibilities are there for the taking if a name or address is also left to it.
‘Risks Depend on the Creativity of Cybercriminals’
It Depends Very much on the “Creativity” of the cyber criminals in What Way Misuse Can Be Made of the Stolen Data, Says Daan Keuper, Security Specialist at Online Security Computest. “Or thesis malicious parties have several operations running at the same time and because to earn as much money as possible in a short time. So it shouldnn’t all take too little time.”
The CyberSecurity Experts Therefore All Three Point Out That The Victims Should be particularly Vigilant for Phishing. That is a form of internet fraud in which criminals pose as a person, company or institution in an email or text message. The goal is to collect more data about you or extort money. You are Often Asked To Click On A Link, Log in Somewhere Or Transfer Money.
“And the more data they have about you, the more realistic such an email or text message seems,” Says Junger. Normally you can recognize fake emails, for example, by spelling errors or a striking question. But if they have your full name, address, social security number and equal medical information, you can quickly think that an email really come from, for example, population survey Netherlands, she explains.
“It could Therefore just be that affected people Receive a false reminder from the population screening,” adds zenger or bits of freedom. “While the population screening is free.”
‘Risk of fraud will not decrease’
In Addition to Phishing, Junger also sees other Risks for Victims. Since addresses have also leg leaked, malicious parties could come by for a so-called scam. “And if telephone Numbers have also leged, people can, for example, be called by some who pretends to be a bank employee. If that person alreamy knows all your data, that is very credible.”
It is Therefore Important for the Recipients of the Letter to Pay Attention in the Coming Period. Althegh that Actual Applies To Everyone, Keuper Emphasizes. “Data has probable alreaDy leg leaked from many people, since we leave data in so many places. But the people who participated in the population screening have a reas to be extra sharp.”
He pointss out that it is not only about the coming week or months. Once Data Has Been Made Available On The Dark Web, There Is A Good Chance That It Will Continue To Float Around There OR Is Already In The Hands Of Other Cybercriminals. “The Risk of Fraud Will Therefore Not Suddenly Decrease in The Foreseeablet Future.”