Cyber Incident Victim: One Albania
Date:
Dec 2023
Location:
Albania
Summary
ONE Albania, Albania's second-largest telecommunications provider, experienced a cybersecurity incident concurrently with an attack on the national Parliament. The country's cyber authority confirmed the attacks originated from non-domestic IP addresses. The telco maintained uninterrupted operation of all services including mobile, fixed-line, and IPTV during the event, collaborating with regulatory institutions AKEP and AKCESK to ensure service continuity and data protection. The company publicly affirmed its commitment to transparency throughout the incident response process.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 0 techniques |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On December 25, 2023, ONE Albania, the country's second-largest telecommunications provider, experienced a cybersecurity incident alongside a simultaneous attack targeting the Parliament of Albania. The National Authority for Electronic Certification and Cyber Security (AKCESK) confirmed both attacks occurred on Christmas Day, noting neither originated from Albanian IP addresses. AKCESK’s statement highlighted that neither institution appeared on Albania’s list of most sensitive organizations, implying potential gaps in national cybersecurity prioritization. ONE Albania addressed the incident through an official Facebook post published the same day, stating they had "identified and dealt with full capacities and actively" with the cyber incident. The company emphasized that despite the attack, all services—including mobile, landline, and IPTV—remained operational without interruption. Customer service channels also functioned normally throughout the event. No technical details regarding attack vectors, data compromise, or system infiltration were disclosed by either ONE Albania or AKCESK.
The incident prompted immediate collaboration between ONE Albania and Albanian regulatory bodies, specifically the Electronic and Postal Communications Authority (AKEP) and AKCESK, to ensure service continuity and data protection. ONE Albania publicly committed to maintaining transparency with customers, though no further incident updates were provided in the initial Facebook statement. The attack’s operational impact appeared limited, as no service degradation or outages were reported. Motives behind the attack remained unconfirmed, with no threat actor claiming responsibility or demands disclosed. The simultaneous targeting of a private telecommunications provider and a government institution underscored broader concerns about critical infrastructure vulnerabilities, particularly given AKCESK’s observation about the targets’ exclusion from Albania’s highest-priority security lists. Both organizations resumed normal operations post-incident with no reported lingering effects on service delivery or customer data.