Netia Data Breach (2016)

Polish telco operator Netia suffers massive data breach, exposing 300,000 customer information including names, bank account numbers and personal IDs. Its official website was hacked by attackers, who accessed and compromised two different online forms that customers can use to contact the firm or to start an online contract for new services. Following the attack, the hackers posted 14GB of data on the internet and then started a new Twitter account impersonating the Ukrainian far-right political party Pravy Sector, claiming responsibility for the attack and posting links to the data. Netia says that no passwords or usernames were compromised, so users of the online self-service portal NetiaOnline do not need to take any action. However, the hackers accessed private user data including personal ID numbers, names and bank account numbers. One SQL database file contains 348,000 lines featuring full names, home addresses and IP addresses, while others taken from the investor section of the website contained sales records, bank transactions and even affiliate marketing information