Cyber Incident Victim: Hrvatska agencija za nadzor financijskih usluga
Date:
Jan 2024
Location:
Croatia
Summary
A cyber attack targeted the Croatian Financial Services Supervisory Agency, disrupting its IT systems and prompting immediate recovery efforts involving external experts and authorities. Electronic communication and the website were largely restored within days, though public registers and user portals remained temporarily unavailable during ongoing restoration. The agency reported the incident to data protection authorities, noting potential risks to personal data but confirming no confirmed compromise at the time. Regular operations continued with direct communication to supervised entities, while users were advised to resubmit certain electronic inquiries via email. Further updates were contingent on investigation outcomes and system restoration progress.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 4 motives | 5 techniques |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On January 23, 2024, the Croatian Financial Services Supervisory Agency (Hanfa) experienced a cyber attack targeting its IT systems, prompting immediate public disclosure through an official press release. The agency initiated urgent recovery efforts in collaboration with external IT partners and relevant authorities, though the full scope of the attack’s causes and consequences remained under active investigation at the time of reporting. Hanfa’s internal team, supported by external independent experts, prioritized restoring core functionalities, with electronic communication channels and the agency’s website largely operational by January 25. The incident disrupted access to critical services, including public registers and the reporting system for registered users (Reports), necessitating a temporary suspension of these platforms during recovery. Hanfa explicitly advised financial market participants and the public to expect service limitations while technicians worked to restore affected systems in subsequent phases.
The agency confirmed compliance with data protection regulations by reporting the incident to Croatia’s personal data protection authority, emphasizing efforts to safeguard individuals’ personal data despite ongoing assessments of potential compromises. Hanfa maintained direct communication with supervised entities to ensure continuity of regulatory reporting obligations and redirected public inquiries through alternative channels, specifically instructing citizens to resend complaints emailed on January 23–24 to [email protected]. A dedicated email ([email protected]) was established for data subjects with privacy concerns, managed by Hanfa’s Data Protection Officer. Regular operational activities continued unaffected, though the agency deferred further public updates pending conclusions from internal and external investigations into the attack’s impact. No quantitative assessment of damages or technical specifics regarding attacker methodologies were disclosed, with restoration timelines for non-public-facing systems remaining undefined as of the last published statement.