- The KNWU said it had received a ransom demand that said the stolen data would be returned to the body if it paid up.
- However, the association, which did not disclose the sum demanded, said it would not pay the ransom because it had backups of the data, and because doing so would not guarantee that the attackers wouldn’t abuse the data for illegal purposes anyway.
- The database in question was stolen from a previous incarnation of the ‘MijnKNWU’ platform, which members log into to access benefits.
- KNWU members were urged not to click on any emails purporting to come from the KNWU, and to phone or email the association to validate the authenticity of any invoices or payment requests received.
- The body said it had alerted the police and the Dutch Data Protection Authority.
– Adam Bannister | December 1, 2020