June 14, 2021

Dutch ISP KPN Security Breach

(LiveHacking.Com) – One of the largest ISPs in The Netherlands has shut down its email services after a security breach where hackers leaked the credentials and personal information of more than 500 of its customers.

KPN discovered the breach at the end of January but after consulting with the Dutch government and law enforcement agencies decided not to go public with the details. Once KPN discovered that account details were being posted online (at PasteBin) then it decided to suspend its email services as a precautionary measure. During Saturday email services resumed and KPN sent customers information on how to reset their password.

KPN has over two million customers and it is unclear if the hackers got access to information about all of these account or just the 500 posted online.

Another Dutch CA Hacked?

(LiveHacking.Com) – Gemnet, a subsidiary of KPN (a leading telecommunications and ICT service provider in The Netherlands), has taken its website offline to investigate a possible hack. Hacked websites are not a rarity today, however according to Webwereld the hack is related to CA certificates.

In response to these allegations KPN issued a statement saying that the suggestions that there is a connection between the hack and creation of certificates is true. “The hack of the site has no connection with the issuance and management of Government PKI certificates.

Despite the statement issued by KPN,  a second website belonging to a subsidiary of the telecommunications  company that also issues digital certificates to the Dutch government was also taken down.

According to the original Webwereld article by Brenno de Winter, the attack was launched through a PHP MyAdmin account that didn’t have a password. The attacker then used the database to create files including executable scripts.