The Slovenia Times

Part of documents stolen in cyber attack on HSE published on dark net

A computer screen. Photo: Tamino Petelinšek/STA

Part of the data stolen in the November cyber attack on Slovenia's state-owned power group HSE have been published on the dark net. HSE does not expect major business damage, denying reports the data published includes sensitive data pertaining directly to the group.

The public broadcaster TV Slovenija has reported that around 127 gigabytes of data has been stolen in what are around 120,000 files, with some 60% published on the dark web after an alleged ransom deadline expired.

The hackers were reportedly offering the data at an auction that lasted seven days, at the starting price of 20 bitcoins or around €776,000.

The report alleged that most of the published data pertained to HSE's operations, including data on measurements, reporting and controlling, but said no major classified state information had been exposed.

It also alleged that a collection of sensitive personal data - ranging from internal documents classified as commercially sensitive to correspondence, passports, contracts and audits - was breached by the attackers.

In a statement issued on 20 December, HSE denied the data in question being sensitive HSE data or personal data of HSE employees.

While the inspection of the files continues, it so far indicates the stolen data pertains to the Velenje coal mine group, which is part of the HSE group, and builder RGP for a period when RPG, now part of HSE, was still a subsidiary of Premogovnik Velenje.

HSE said there were indications that some individual personal data had been disclosed, namely data located on the servers of Premogovnik Velenje and thus relating exclusively to certain employees of the companies in the Premogovnik Velenje group and of RGP.

These companies have informed their employees of the findings, and those whose data has been published will be informed individually, together with recommendations on how to proceed.


More from Business