Cyber Incident Victim: Danish Data Protection Authority

On September 11, 2023, the Danish Data Protection Agency (Datatilsynet) reported that its website became inaccessible the previous afternoon, displaying a "connection failed" error message to visitors. The outage stemmed from a distributed denial-of-service (DDoS) attack targeting multiple Danish government websites, attributed to the Russian hacker group NoName057(16). According to Datatilsynet’s statement, their service provider confirmed the attack caused a physical infrastructure failure—described metaphorically as wires falling from ceilings amid sparks—necessitating hardware restoration to stabilize operations. The group publicly claimed responsibility through Telegram channels, though the article notes skepticism about direct Russian state involvement while acknowledging the attackers’ self-identification. NoName057(16)’s actions disrupted access to Datatilsynet’s public-facing services for at least several hours, with recovery efforts ongoing at the time of reporting.

Datatilsynet’s provider identified the attack’s origin but did not disclose technical detection methods or mitigation specifics beyond confirming the physical infrastructure damage. The incident impacted multiple governmental entities, though Datatilsynet was the only named agency. Restoration efforts focused on repairing hardware components rather than solely addressing software or traffic overloads, indicating an unusually severe disruption. The agency’s communication emphasized transparency regarding the attack’s source and infrastructural consequences but did not detail data compromises, operational downtime duration, or broader systemic effects beyond immediate service unavailability. NoName057(16)’s Telegram posts served as the primary attribution evidence, though the article highlighted unresolved questions about the provider’s forensic validation process.