The pro-Russian hacker group Phoenix, claims to have successfully breached Romania’s National Agency of Public Employees (ANFP), allegedly gaining access to very sensitive information on public officials, politicians, and state apparatus.
The Russian hacker group Phoenix claims to have breached the National Agency of Public Employees (ANFP) of Romania, gaining access to a number of sensitive and non-public data.
UPDATE: In a statement to the publication Profit.ro, Romanian authorities denied any attack or data breach.
A government representative commented:
“So far there are no indications that ANFP systems have been
compromised. ANFP’s security systems have not reported any successful
cyber-attacks, and the status of the systems is constantly checked”.
Privacy Affairs March 23, 2023
The Phoenix hackers have claimed that they managed to access several different types of internal data, such as reports of state bodies, company data, information on politicians and public employees, as well as information on state structures of Romania.
It is not certain at this moment what this alleged data actually contains. No samples of any kind have been provided, and so far, it’s only the hackers themselves who claim that they possess these files.
This is what the hackers announced late 22 March:
They also claimed that all internal systems of ANFP are currently disabled, and logging into their system shows an inscription stating, “the system is closed for the prevention of something there….”
The public-facing website of the ANFP appears to be functional and working normally at the writing of this article on 23 March.
There appears to be no public statement about this alleged breach anywhere on the ANFP website nor on any government-operated social media profiles.
If the breach is authentic, sensitive information about Romania’s public employees, politicians, and state structures may be exposed, leading to potential identity theft, fraud, or targeted attacks on the affected individuals.
Additionally, this breach could severely impact Romania’s public administration, national security, and international reputation.
However, until publicly confirmed by Romanian authorities or corroborated by sample data released by the hackers, the authenticity of this alleged breach is still uncertain.
The above being said, Phoenix has in the past carried out several successful attacks and has not so far made any false claims about its victims.
We believe security online security matters and its our mission to make it a safer place.
Active since January 2022, the Russian hacktivist group Phoenix has targeted hospitals in Japan, the UK, and a US-based healthcare organization serving the US military.
They employ social engineering techniques and phishing scams to gain access to victims’ bank or e-payment accounts.
The group has also conducted DDoS attacks against multiple entities and is known for hardware hacking, unlocking lost or stolen iPhones, and reselling them in Kyiv and Kharkiv through controlled outlets.
The ANFP is the central public administration institution responsible for the recordkeeping and management of public functions and public servants in Romania.
They develop competence frameworks, policies, strategies, and draft normative acts.
Operating under the Ministry of Development, Public Works and Administration (MDLPA), the ANFP provides specialized assistance to human resources departments, collaborating with public institutions and authorities in Romania.
The agency aims to support the development of a professional, politically neutral corps of public servants, capable of assimilating and adopting European Union performance standards.