Threat actors behind the Ragnar Locker ransomware operation have published what they thought was data stolen from the municipality of Zwijndrecht, but the data actually belonged to Zwijndrecht police, a police department in Antwerp, Belgium.
The leaked data reportedly contained thousands of car number plates, fines, crime report files, personnel details, investigation reports, and other information. According to local media that call the leak one of the biggest in the country’s public service history, the incident exposed all data kept by Zwijndrecht police from 2006 until September 2022.
Zwijndrecht police has confirmed the incident, but said that the threat actors only accessed a part of the network that held administrative data, affecting mainly employees’ information. According to Marc Snels, chief of police at Zwijndrecht, the data leak was a result of a human error, and all affected individuals are being informed about the incident.
As per Belgian journalist Kenneth Dée, the attackers allegedly gained access to the police network through a vulnerable Citrix endpoint. Dée's investigation of the data revealed telecom service subscriber metadata and SMS of people under covert police investigation, as well as footage from traffic cameras, exposing the whereabouts of individuals at specific dates and times.
“This is the largest law-enforcement leak in the history of Belgium and probably the most impactful leak we have ever seen in our country,” Dée told tech news outlet Bleeping Computer.
“It should be a wakeup call for local police and the way they handle citizens' data, and hopefully, it will set things in motion towards changes on that front.”