On Wednesday (February 26), Belgian media reported that the Belgian intelligence department had been subjected to a large-scale cyber attack by Chinese hackers, resulting in the theft of the organization’s emails and members’ personal information.
According to the report from the local Belgian newspaper “Le Soir,” Chinese hackers successfully infiltrated the data of the Belgian State Security Service (VSSE) between 2021 and 2023. This incident is considered the largest breach in the history of the organization by an internal audit.
It is reported that the hackers exploited vulnerabilities in the Barracuda email system, a software supplier based in the United States, to infiltrate both the Belgian intelligence department and the Belgian Pipeline Organisation, which is responsible for monitoring pipelines in the North Sea.
The cybersecurity company Mandiant previously stated that the group is likely a network spy organization working for the Chinese government.
Over the course of two years, Chinese hackers gained access to 10% of the emails within the Belgian intelligence department. While sensitive data was reportedly not affected, personal information of nearly half of the intelligence department’s members may have been compromised.
The stolen data did not include confidential information stored on internal servers. However, it is believed that the hackers also obtained communications from the country’s prosecutor’s office, police force, ministerial cabinets, and other institutions.
On Wednesday, the Belgian Federal Prosecutor’s Office confirmed that they have received charges submitted by VSSE regarding the Chinese hacker intrusion. An investigation into the alleged invasion of the VSSE by Chinese hackers has been initiated.
(This article is based on relevant reports from Reuters)