Usurpation of identity , loss of control over personal data, phishing attempts .

These are the risks that users who own the personal data stolen in February from the databases of the Region could run e   published last June 17 on the dark web , or - explains a note released by the Region - "a network that offers content through a hidden address that does not allow you to easily identify the owner of the site, accessible only using a specific tool, the browser TOR, designed to ensure anonymity on computer networks ".

DIRECTIONS IN THE SIGHT - In the press release issued today by the Region - which after the discovery of the hacker attack and the computer theft had notified the competent authorities - the Directorates directly involved in the cyber-raid are also listed (more than 150 giga stolen would be): the Directorate General of Local Authorities and the Directorate General of Civil Protection.

"The same Departments - it is specified - have activated dedicated e-mail boxes to which potential interested parties can contact for information on the nature of the data involved. The Data Controller will keep interested parties updated as soon as more details are available".

THE STOLEN DATA - The details of what was stolen and to whom were also disseminated on the Region's website.

Among other things: Personal, health and economic data, telephone numbers, pec, e-mails, judicial data, identity documents of regional employees , of those enrolled in competitions and selections , of companies participating in tenders, assignments and to the negotiated procedures, also the civil protection data regarding the vaccination campaign and the passengers of ships and planes during the period of the Covid lockdown traveling to and from Sardinia, including self-certifications. The detail is contained in two annexes relating to the two Directions that ended up in the sights of cyber pirates.

WHAT TO DO - Again, the Region has released a vademecum for the benefit of the people potentially involved: “We advise you to pay particular attention to e-mail and SMS / instant messages (such as WhatsApp ); your personal information could be used to send you telephone communications or phishing messages for fraudulent purposes , thanks to the knowledge of personal data by the third parties who carried out the cyber attack ".

And then: “We suggest you reset your passwords , especially if you use combinations that can be traced back to your personal data or your personal information (...). In the event of the presence of personal documents such as an identity document, go immediately to the police authorities to file a complaint. (...) If some information is impossible to remove directly from the source, you can ask search engines to remove links to websites containing your private data from the results , exercising the so-called right to be forgotten ".

Finally, "to find out if the disclosure concerned your personal data, contact one of the following Directions via e-mail (on the Region's website, ed), specifying your name, surname and the procedure in which you were potentially involved. In a first phase you will be able to know if you are interested in the violation and what type of data concerns you, in case you request access to the single information you will have to prove your identity ", explains Villa Devoto.

THE FIRST EFFECTS - Meanwhile, the effects of the theft would already be felt, with the bad guys who would have already moved on to the first attempts of fraudulent use of the data ended up on the darkweb : these days many users are receiving fake emails and sms to access their file electronic health care .

And the regional directorate of the Department of General Affairs specified that it is a consequence of the hacker attack last February.

(Unioneonline / lf)

© Riproduzione riservata