A1 Hrvatska, a phone carrier based in Croatia, recently disclosed that it had experienced a significant cyberattack.

As a result of the event, approximately 10% of its users were impacted, amounting to around 200,000 people having their personally identifiable information (PII) exposed, and putting them at risk of criminal attacks.

Details of a data breach

With the incident’s discovery still relatively fresh, it comes as little surprise that A1 Hrvatska offered few details in its recent announcement. However, it has confirmed that one of its dedicated user databases was accessed without authorisation and, as a consequence of this infiltration, sensitive information was viewed. They type of PII retained on the telecom carrier’s database included the full names, telephone numbers and street addresses of customers, along with personal identification numbers.

However, A1 Hrvatska was quick to emphasise that no information on online bank accounts or payment cards was compromised during the event, as the database accessed did not hold any financial details on users. This critical piece of information was validated by a team of computer forensic experts who investigated the event. The team analysed the computer logs to assess what data had been stolen and confirmed there was no financial risk to data subjects impacted by the breach.

The phone carrier has explained that it is now directly informing its service users whose details were contained on the database and exposed in the event.

Company statements following the incident

Following the data breach, A1 Hrvatska made an announcement regarding the data breach, outlining its actions and its attitude towards cyber security:

“A1 Hrvatska (Croatia) takes this embarrassing situation extremely seriously and, immediately after the first signs of suspicion of unauthorized access to the user base, immediately and without delay prevented further unauthorized access and took additional protection measures. A1 Hrvatska adheres to the highest security standards and data protection, and we will continue to make additional investments in improving the security environment. The recurrence of this security incident is not possible and has not had and will not affect the provision of services to customers.”

So far, it appears that the incident has not significantly impacted A1 Hrvatska’s operations or telecom services. As a result, the event is most likely a case of unauthorised access to the user database, caused either by a misconfiguration or credentials being stolen by a threat operator.

A1 Hrvatska is well-known as one of Vodafone’s strategic partners. Recently, Vodaphone’s Portugal region was hit by an exceptionally disruptive attack where both 4G and 5G services were impacted.

Telecom carriers make ideal victims for cyberattacks due to the level of chaos caused when the services they provide are interrupted. Computer help site Bleeping Computer noted that it is sometimes the case that strategic partners will share their online infrastructure. It added that while a connection between the strike on Vodaphone and A1 Hrvatska was unlikely, it could not be entirely ruled out at this stage.

Police in Croatia’s capital Zagreb have now begun an official investigation after receiving a criminal report concerning the incident.

With Galaxkey’s in-platform data encryption, all data is unreadable except for the sender and intended recipient, which means you don’t have to worry about data leaking or ransomware attacks during a breach. You can start a free 14-day trial to explore the platform and see just how easy it is to protect your data.