High-profile hackings of 2015: StarNet

In Information Security / By Team Acumin / 26th October 2015

StarNet is a Moldovan internet service provider that was founded back in 2003. The company provides internet services via FTTB and ADSL.

What happened?

In February of 2015, the company’s database was published online in a very public dump that saw the details of thousands of its customers made available to anyone who cared to access the database.

How many records were accessed?

Around 140,000 records were made publicly available, containing information including email addresses, contact information, ISP usage patterns and, perhaps most worryingly, passport details of the company’s users, along with names and dates of birth.

How it happened

The company’s founder Vitalie Esanu maintains that the data breach could not have been caused by a virus or hack. According to him, it is likely that an employee of StarNet copied the data before making it publicly available.

However, some IT experts, including Eugen Frimu, believe that the data was obtained during a cyber attack on the company, in which a vulnerability in the system was exploited, enabling hackers to access the databases, which were apparently not encrypted.

What’s happened since?

After the attack was made public, Esanu said that the company could have implemented more security measures such as data caching, which would have made the leak more difficult.

It was also revealed that the hackers who targeted StarNet had been busy hacking into the systems of around 760 other organisations, 20 percent of which were Fortune 500 companies, including AMAZON-AES, BSKYB-BROADBAND and BT.

Investigators from the SPIA department of the Ministry of Internal Affairs of Moldova took on the case and were able to identify a couple of individuals who they believe to be responsible for the hacks. The two individuals were arrested and the equipment they used to conduct the attacks was seized.