A data leak incident initiated by the operators of Ragnar Locker ransomware exposed the stolen data of Zwijndrecht police, believing that it was the municipality of Zwijndrecht. The leaked data includes thousands of license plates, penalties, criminal report files, employee information, investigation reports, and other documents exposed in the breach.

Ragnar Locker operatives accidentally misidentified the wrong target

Including all data maintained by the Zwijndrecht police from 2006 until September 2022, this data breach has been called one of the largest impacts on public agencies in Belgium.

Zwijndrecht police department issued a Facebook post in response to the local media coverage, minimizing the significance of the entire incident while claiming that the ransomware operators had only gained access to a certain section of the network containing administrative details. Later it was further confirmed, interpreting that they primarily targeted the workers over there.

Zwijndrecht police statement on Facebook

Marc Snels, chief of police in Zwijndrecht, stated to the VRT Television network that human error is believed to be the possible reason behind this data breach and that the police department is currently informing all affected individuals.

" However, not all information has been compromised. The majority of the data on this system pertains to our employees and includes things like employee rosters and pictures from company events, " discloses VRT Television.

"Even though we attempt to post sensitive material solely on the professional network, it is true that there is occasionally sensitive information on that network. Those blunders are the result of fallible humans. For instance, penalties and PVs have been shared publicly. Furthermore, there are pictures of children being abused. Obviously, that's a pretty difficult situation." - Zwijndrecht Police Department Commissioner. the effects are far broader than first thought

The compromise on the municipal Zwijndrecht network is nonetheless relevant for thousands of individuals, even if it did not affect the national police network in Belgium.

A Belgian journalist named Kenneth Dée revealed the incident to the public through Het Laatste Nieuws, saying that the attackers hacked into the police department's network via a poorly secured Citrix endpoint. The data analysis conducted by Dée showed subscriber information and SMS for those who were the subject of an undercover police inquiry.

Additionally, the exposed information includes traffic camera video, revealing individuals' movements on certain days and times.

This leak has far-reaching consequences for Belgian law enforcement and is the biggest of its kind in the country's history. Local law enforcement agencies should see this as a wake-up call, and maybe it will prompt them to alter the way they currently manage individuals' personal information.

However, a criminal action has been initiated by the prosecutor that addresses the hacking event explicitly, even though the country's data protection body has not yet declared an inquiry.

Even if the exposed individuals should replace their license plates, IDs, passports, etc.

Dobbelaere-Welvaert warns that "the consequences of this security event might be for a lifetime, and stealing identity is no joke. You can't simply change where you live, but even if you alter all papers, the implications of this security incident could be for a lifetime," she adds. "In my view, no smart camera should be activated until all police network systems are fully safeguarded."