Cyber Incident Victim: Flemish Region

On April 24, 2024, the municipal services of Deinze, Belgium, experienced a cyberattack involving unauthorized access to an employee’s email account. Attackers compromised the account and used it to send approximately 300 fraudulent emails impersonating the employee. These emails contained a link urging recipients to open a file, consistent with a phishing campaign. The incident was detected swiftly by city IT personnel, with additional reporting by Bart Vermaercke, a local council member from the N-VA party, accelerating the response. Within one hour of detection, the city’s IT team fully blocked the compromised account, halting further dissemination of malicious emails. Officials confirmed the attack was isolated to the email account, with no evidence of unauthorized access to backend systems such as servers or databases containing sensitive data. All affected email recipients were contacted directly by the IT department head to warn them about the fraudulent messages.

The city’s existing security infrastructure, including anti-spam filters and antivirus software, remained operational during the incident. All municipal employees utilized multifactor authentication (MFA) for system access, a measure implemented to reduce the risk of such breaches. Authorities attributed the breach to human error rather than a systemic failure of technical safeguards. In response, the IT department initiated a review of security protocols to identify potential enhancements, though no specific vulnerabilities or planned changes were disclosed publicly. Burgemeester Jan Vermeulen emphasized the effectiveness of the rapid containment and reiterated that no data stored on secured servers or databases was compromised. The incident did not disrupt municipal operations beyond the temporary email account suspension and notification efforts.