Massive data leak points to market research software flaw
A massive data leak which has put the personal data of some two million people in the hands of hackers may be down to flawed market research software, broadcaster NOS reports.
Dutch Rail, VodafoneZiggo and health care provider CZ have been affected by the leak as well as the Dutch golf federation, health and safety body ArboNed, transport company Trevvel, and the Netherlands enterprise agency RVO.
Privacy watchdog Autoriteit Persoonsgegevens has started an investigation into the leak but said it had yet to put together a complete picture of what happened.
A number of market research agencies reported being hacked and are pointing the finger at Dutch survey software provider Nebu, NOS said. The company has yet to react to questions from the broadcaster about its possible role in the leaks.
The company works closely with Blauw Research and its chief executive Jos Vink told NOS ‘alarm bells started to ring’ two weeks ago when a technical problem at Nebu turned out to be a cyber attack. Nebu then ‘refused to cooperate in any way’ when Vink contacted them to find out how long the hackers had been active and what data had been stolen.
Companies wanting to know how clients feel about their services turn to market researchers such as Blauw who then use Nebu software to carry out the survey, including questions of a personal nature.
‘This incident shows that one weak link at a provider can have major implications for the security of the whole digital chain,’ Dave Maasland of security firm ESET Nederland told the broadcaster.
Money
Maasland said the hack is aimed at conning people out of their money in a way that seems plausible.
‘If you have just participated in a survey about client satisfaction and it says “click here for your thank you gift voucher” it would be very difficult not to,’ he said. Maasland said people should look out for e-mails that demand immediate action. ‘That is the main giveaway,’ he said.
Nebu was founded in the Netherlands in 1992 and has outlets in the
Dutch News has contacted Nebu for comment in the Netherlands and in Canada, where its parent company is based.
Thank you for donating to DutchNews.nl.
We could not provide the Dutch News service, and keep it free of charge, without the generous support of our readers. Your donations allow us to report on issues you tell us matter, and provide you with a summary of the most important Dutch news each day.
Make a donation