A cache of sensitive information has been reportedly stolen and leaked by a group of cyber criminals, described by the media as ‘Russian hackers’, from a tech provider working with British law enforcement.
The breach took place in October when tech provider Dacoll came under a phishing attack, the Daily Mail on Sunday reported. The IT company is contracted to handle highly-sensitive material, including access to the police national computer (PNC).
The cyber-criminal group Clop is believed to have gained access to the PNC data, holding records and personal data of some 13 million people, according to the outlet. The hacker group, believed to be of Russian origins, has attacked multiple high-profile targets lately, with Canada-based aircraft maker Bombardier and US-based tech company Accellion believed to be among its victims.
The data stolen from Dacoll includes images of motorists, apparently taken from the National Automatic Number Plate Recognition (ANPR) system, namely close-up images of speeding drivers. It was not immediately clear what other data might have been stolen by the hackers.
After the breach, Clop is said to have demanded ransom from the company. The demand was apparently refused, with the group reportedly leaking some of the data it obtained onto the dark web, as well as threatening to leak more if their demands were not met. The tech provider refused to reveal the scale of ransom demanded, trying to downplay the scale of the breach.
“We can confirm we were the victims of a cyber incident on October 5,” Dacoll said in a statement as quoted by the Daily Mail. “We were able to quickly return to our normal operational levels. The incident was limited to an internal network not linked to any of our clients’ networks or services.”
The breach has been also acknowledged by the British authorities, with the National Crime Agency stating that it has been aiding its investigation. “The agency is aware of an incident affecting Dacoll and we are supporting the investigation,” the agency stated.
Another government body, the National Cyber Security Centre confirmed the incident as well, stating that it has been working to “fully understand and mitigate any potential impact” of the data breach.