Dutch Research Council (NWO) Admitted To Have Suffered DoppelPaymer Ransomware Attack

Once again, a ransomware attack victim has surfaced online after losing valuable data to criminals. The latest incident happened with the Dutch Research Council (NWO) which recently confirmed the DoppelPaymer ransomware attack on its network.

Dutch Research Council (NWO) Suffered Ransomware Attack

Reportedly, on February 14, 2021, the Dutch Research Council (Nederlandse Organisatie voor Wetenschappelijk Onderzoek: NWO) suffered a cyber attack.

At that time, the council merely disclosed the hacking attack that resulted in the suspension of its internal services. While the NWO.nl website remained unaffected, the council couldn’t access the internal office software as well as Outlook.

Later on, NWO set up a dedicated FAQ page where they kept adding questions to share more details.

Initially, NWO didn’t share any details about the nature of the attack. All they explained was how they’re working to restore the services.

However, recently, they have confirmed that the council suffered a ransomware attack.

DoppelPaymer Attack Confirmed

Since February 24, 2021, the DoppelPaymer gang started leaking the data stolen from the NWO network.

Consequently, the Dutch Research Council also confirmed to have fallen prey to DoppelPaymer ransomware.

As revealed in the latest update, NWO suffered the attack on February 8, 2021. Since they refused to pay the demanded ransom to the attackers, the latter started leaking the data files.

Regarding the hacked data, they have stated on their FAQ page,

The network disks containing the data processed by NWO, the NWO-I office, SIA and NRO. It also contains the mail servers of NWO, office NWO-I, SIA and NRO. Furthermore, links with various external applications have gone wrong or closed.

Instead of surrendering to the attackers, NWO is instead working itself to restore the services.

Although NWO deeply regrets that data of its own employees are now being made public unauthorized, this does not change this choice. This will mean that stolen files may again be made public in the near future.

NWO believes that its operations will be back to normal in a few weeks.

Related posts

Water Facilities Must Secure Exposed HMIs – Warns CISA

Microsoft December Patch Tuesday Arrived With 70+ Bug Fixes

NachoVPN Attack Risks Corporate VPN Clients