Cyber Incident Victim: Chamber of Deputies of Romania
Date:
Jan 2024
Location:
Romania
Summary
A cyber attack targeted Romania's Chamber of Deputies, resulting in unauthorized access to sensitive personal data of deputies, including identity documents, medical records, bank contracts, and vehicle information belonging to prominent officials. The perpetrators demanded a ransom of 0.8 Bitcoin (approximately €30,000) under threat of further data exposure, though the institution denied receiving any formal extortion request. Authorities initiated legal proceedings with DIICOT in response to the breach.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 2 techniques |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On January 1, 2024, Digi24 reported a cyberattack targeting the database of the Romanian Chamber of Deputies (Camera Deputaților), following exclusive information received from sources within the institution and an IT professional who monitored hacker activity. The attack involved unauthorized access to sensitive personal data belonging to deputies, including identity documents such as national ID cards of high-profile figures like Marcel Ciolacu and Kelemen Hunor. Hackers publicly claimed responsibility for breaching the system on a specialized online forum, announcing their intent to release additional confidential information unless a ransom of 0.8 Bitcoin (approximately €30,000) was paid. As proof of their access, they leaked a subset of stolen documents, which included medical records, bank contracts, and personal vehicle registration details. The compromised data extended beyond identity theft risks to encompass highly sensitive health information and financial agreements, indicating a broad extraction of records from parliamentary systems.
The Chamber of Deputies' General Secretariat initiated legal proceedings by drafting a criminal complaint to Romania's Directorate for Investigating Organized Crime and Terrorism (DIICOT) following the breach disclosure. Institutional representatives publicly disputed the hackers' ransom narrative, asserting no formal extortion demand had been received by the Chamber despite the attackers' publicized Bitcoin payment requirement. No technical details regarding the intrusion method, timeline of unauthorized access, or specific IT systems affected were disclosed by officials. The incident exposed systemic vulnerabilities in safeguarding deputies' personal data, with immediate consequences including potential identity fraud risks and unauthorized exposure of private medical and financial histories. Response efforts remained confined to legal escalation, with no publicized containment measures or system restoration actions at the time of reporting.