Cyber Incident Victim: Breetec International

In May 2015, Belgian metal company Breetec International and several other Belgium-based organizations fell victim to a financially motivated cyberattack targeting the Isabel electronic payment platform. The attackers deployed malware through phishing emails disguised as legitimate communications containing important attachments. When employees opened these malicious attachments, the malware executed on their devices and covertly established fraudulent Isabel payment transactions within the system's queue. The malware operated by waiting for legitimate user authentication of routine transactions before automatically executing its own unauthorized transfers to foreign bank accounts, exploiting the authenticated session to bypass security checks. This attack methodology allowed the malicious transactions to blend with normal business activities until completion.

Breetec International suffered direct financial losses totaling 80,000 euros from these fraudulent transfers. The company detected the compromise through transaction monitoring and successfully traced one of the unauthorized payments to a bank account located in Dubai. While Breetec identified this destination, the article did not specify whether funds were recovered or if law enforcement investigations ensued. The incident impacted multiple Belgian companies using the Isabel system, though Breetec was the only specifically named victim. No technical details about malware containment, system remediation, or broader operational disruptions were disclosed in the available reporting. The attack demonstrated deliberate targeting of financial transaction systems through social engineering and session hijacking techniques.