Archives stretching back 15 years leaked
A total of 1.2 TB of data was leaked, including scans of contracts concluded by Atende with companies and public administration units in the years 2000-2012 and 2015-2020, e-mail archives, and documents containing sensitive information (including personal data and Polish national ID numbers of employees) and login data (including login-password pairs and private keys for logging in using SSH), among other things.
According to the CyberDefence24 portal, the attack on Atende was carried out by the same cybercriminal group that in recent months has carried out attacks on two other Polish companies: AIUT and SuperDrob, and which also conducted global operations targeting entities m.in. from the financial, industrial and energy sectors.
Atende first announced the security incident on 4 October. In connection with the detection of a data leak from the company’s network, the company immediately filed a notification of suspicion of committing a crime to the District Prosecutor’s Office Warsaw-Praga in Warsaw. Notifications were also sent to the Central Bureau for Combating Cybercrime, the President of the Office for Personal Data Protection and CERT Polska.
