Royal Dutch Cycling Union Disclosed Ransomware Attack

Joining the list of latest cyberattack victims, now comes a Dutch national governing body. Reportedly, the Royal Dutch Cycling Union has suffered a ransomware attack. The attackers have demanded ransom for the entity to regain data access, but the victims have refused to pay.

Royal Dutch Cycling Union Ransomware Attack

The Royal Dutch Cycling Union (Koninklijke Nederlandsche Wielren Unie) has confirmed a ransomware attack via a security notice. The organization confirmed that the attackers accessed their databases and stole data. However, they ensured that the affected database contained old information only.

As stated in the notice [translated],

We regret to report that a data hack has taken place in our old MijnKNWU environment. It is no longer in use for the public since the beginning of this year, but was still accessible for internal and historical use. The breach affected the personal information of our members or people included in our legacy database for any reason.

While they haven’t explicitly stated the details of stolen data, they did confirm that it included personal and contact details.

KNWU has clearly stated the attack as a ransomware incident. However, they have refused to fulfill this demand for two reasons. First, the affected data only included old data for which they do have backups in place. Second, paying the ransom would still not warrant the safety of stolen information.

What Next?

Following the incident, KNWU reported the matter to the Dutch Data Protection Authority and the police.

Besides, they confirmed that the incident didn’t impact the new KNWU environment migrated earlier this year. Also, the membership renewals and other procedures remain unaffected.

It also does not affect membership renewals and/or applications for next week’s licenses that will run entirely through the new system.

However, they have asked the users to reset their passwords to keep their accounts safe. Also, they have shared security tips on their website besides asking the users to remain vigilant for any phishing attempts.

Related posts

Water Facilities Must Secure Exposed HMIs – Warns CISA

Microsoft December Patch Tuesday Arrived With 70+ Bug Fixes

NachoVPN Attack Risks Corporate VPN Clients