Thursday, April 24, 2025
HomeCyber Security NewsHackers Steal User's Database From European Telecommunications Standards Institute

Hackers Steal User’s Database From European Telecommunications Standards Institute

Published on

SIEM as a Service

Follow Us on Google News

The European Telecommunications Standards Institute (ETSI) has uncovered a data breach in which threat actors obtained a database holding a list of portal users.

The incident was disclosed last week by ETSI. It is still unclear if the attack was carried out for financial gain or if the hackers wanted to utilize the user list for espionage.

An independent, non-profit organization with headquarters in Europe is the European Telecommunications Standards Institute. 

- Advertisement - Google News

The organization is primarily concerned with creating international standards for information and communications technology (ICT) and telecommunications, including GSM, 3G, 4G, 5G, and others.

In the quickly developing world of telecommunications and digital technologies, ETSI is essential for assuring interoperability, compatibility, and efficient communication. More than 900 organizations from 65 different countries are members of ETSI.

Document
FREE Demo

Deploy Advanced AI-Powered Email Security Solution

Implementing AI-Powered Email security solutions “Trustifi” can secure your business from today’s most dangerous email threats, such as Email Tracking, Blocking, Modifying, Phishing, Account Take Over, Business Email Compromise, Malware & Ransomware

Insights of the Breach

The French National Cybersecurity Agency (ANSSI) assisted the French-based organization in investigating this incident.

The ANSSI and the ETSI IT team worked together to investigate and fix the information systems after a cyberattack was noticed on the ETSI portal, the IT system dedicated to its members’ work.

“The vulnerability on which the attack was based has been fixed.” According to the data breach notification published by the ETSI. 

“ETSI believes the database containing the list of their online users has been exfiltrated. Since the attack and under the guidance of ANSSI experts, ETSI has fixed the vulnerability, undertaken additional security actions, and significantly strengthened its IT security procedures.”

Reports say a representative declined to comment on whether the vulnerability was known or unknown at the time of the attack.

The company has asked all of its online users to change their passwords as a precaution; however, it is unknown if user credentials were included in the stolen information.

Director-general Luis Jorge Romero called the attack a “crisis” in a statement posted on the organization’s website and applauded ANSSI for helping the organization “determine the remedial actions to be taken, and to strengthen the security of our systems.”

“Transparency is at the root of ETSI, in our governance and technical work. We are very grateful for the knowledge and advice of the experts from the French National Cybersecurity Agency (ANSSI), who have helped us to determine the remedial actions to be taken, and to strengthen the security of our systems,” ETSI Director-General said.

Hence, the French data protection authority has been notified of the data breach, and a judicial inquiry — which is essentially the investigative stage of criminal proceedings in France — is currently ongoing, according to ETSI.

Protect yourself from vulnerabilities using Patch Manager Plus to quickly patch over 850 third-party applications. Take advantage of the free trial to ensure 100% security.

Latest articles

Redis DoS Flaw Allows Attackers to Crash Servers or Drain Memory

A high-severity denial-of-service (DoS) vulnerability in Redis, tracked as CVE-2025-21605, allows unauthenticated attackers to crash...

Google Warns: Threat Actors Growing More Sophisticated, Exploiting Zero-Day Vulnerabilities

Google’s Mandiant team has released its M-Trends 2025 report, highlighting the increasing sophistication of...

Critical Langflow Flaw Enables Malicious Code Injection – Technical Breakdown Released

A critical remote code execution (RCE) vulnerability, identified as CVE-2025-3248 with a CVSS score...

GitLab Releases Critical Patch for XSS, DoS, and Account Takeover Bugs

GitLab, a leading DevOps platform, has released a critical security patch impacting both its...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

More like this

Redis DoS Flaw Allows Attackers to Crash Servers or Drain Memory

A high-severity denial-of-service (DoS) vulnerability in Redis, tracked as CVE-2025-21605, allows unauthenticated attackers to crash...

Google Warns: Threat Actors Growing More Sophisticated, Exploiting Zero-Day Vulnerabilities

Google’s Mandiant team has released its M-Trends 2025 report, highlighting the increasing sophistication of...

Critical Langflow Flaw Enables Malicious Code Injection – Technical Breakdown Released

A critical remote code execution (RCE) vulnerability, identified as CVE-2025-3248 with a CVSS score...