Client data leaked in hack on Polish online lender
Personal data of some users of Polish lender SuperGrosz online service have been leaked following a hacker attack, Poland’s digital affairs minister said on Sunday.
This is another such accident after a day earlier, hackers leaked login data of the Polish travel agency Itaka.
Digital Affairs Minister and Deputy Prime Minister Krzysztof Gawkowski called the Sunday attack "a very serious situation."
In a post on X, he wrote that "the data obtained by an unauthorised person" include personal identification numbers (PESEL), ID card data, contact information, marital status, the number of children and other sensitive details such as declared income and bank account numbers.
The relevant response teams of the Polish Financial Supervision Authority (KNF) and the Research and Academic Computer Network (NASK), a government-owned cybersecurity organisation, are already investigating the matter, Gawkowski said, and the Personal Data Protection Office's president has been notified. He added that efforts were underway to identify the perpetrators.
Gawkowski also said that Supergrosz's clients would soon be able to check on the website bezpiecznedane.gov.pl whether their accounts were affected by the breach.
He also recommended that people block their PESEL to prevent it from being used fraudulently by others and urged those whose details had been leaked to immediately change their passwords and enable two-factor authentication across all services.
The SuperGrosz website, operated by AIQLABS, offers quick online loans. The Office of Competition and Consumer Protection (UOKiK) has deemed AIQLABS's practices, including the use of non-interest loan costs in consumer loan agreements, to violate the collective interests of consumers. (PAP)
mmr/aj
