A cyberattack has hit Slovenia’s Telekom, with reports indicating that hundreds of documents, including confidential company data, have been stolen. There are suspicions that customer data may have also been compromised. It is also reported that the attack has affected IPKO in Kosovo, a subsidiary of Slovenian Telekom. However, IPKO has not provided an explanation as to why it hasn’t notified its customers about the breach, despite being questioned by Insajderi.
Slovenian media have reported that over 300 documents, including project documents, user data, and employee information, have been circulating online. Slovenian Telekom confirmed the breach but stated that it did not involve subscriber databases or communication. However, the company decided to notify its customers about the incident.
The stolen documents reportedly include information about IPKO’s operations in Kosovo. Yet, until Wednesday, when Insajderi inquired, IPKO had not informed its customers about the breach. In response, IPKO reassured its customers that no customer data was compromised and that the integrity of its systems remained intact. IPKO also emphasized ongoing monitoring with cybersecurity experts, though it did not clarify which Kosovo institutions were notified.
The stolen data, according to Slovenian media, includes personal information of Slovenian Telekom subscribers, such as addresses, phone numbers, and IP addresses. Reports suggest that this data is now available for sale on the dark web. A hacker identified as “Rey” posted details of the stolen files, including financial reports, user and employee data, and information about the company’s internal processes, including systems like CRM and SAP.
The attack is believed to have been carried out by the Hellcat group, known for using advanced hacking techniques. This breach follows a series of similar incidents affecting major international corporations. The consequences of the data breach could include financial damage, loss of user trust, and potential regulatory penalties. For affected individuals, the exposure of personal data increases the risk of identity theft, financial fraud, and targeted cyberattacks such as phishing emails or ransomware.
