„Late last night, we received information from the head of the State Accreditation Service for Health Care Activities regarding a cyber incident that had been contained in the information subsystem they manage,“ Jakubauskienė said at a press conference in the Seimas on Wednesday.
„According to preliminary data, an unauthorised login was performed by exploiting a vulnerability in the third-party open-source tool ‘Apache Superset.’ This is not the central e-health system where sensitive patient data is stored,“ she emphasised.
According to the minister, the incident occurred on June 7–8 and was detected during the night of June 8–9.
„From the start of the incident, it was contained within 41 hours. The provider overseeing the institutions and systems reacted immediately and blocked the breach within a few hours,“ stated Jakubauskienė, adding that the situation is being monitored.
According to the minister, during the incident, the attackers accessed the professional and contact information of specialists, more than 62,000 records, data on institution administrators, hierarchical competencies, and system technical metadata.
„We are currently awaiting more precise information, as the agency is also still waiting for some information from the State Agency for Digital Solutions. This will happen later today so that everything is completed within 72 hours of learning about the incident,“ stated Jakubauskienė.
„I personally learned about this incident late in the evening. I immediately informed the prime minister. (…) We immediately contacted the Prosecutor General’s Office, as this is not a routine incident. The Accreditation Service system, which was affected by the incident, has successfully passed cybersecurity tests and is accessed via the e-government gateway, not directly,“ the minister noted.
This is not the first recorded cyber incident at Lithuanian institutions.
Last week, the news portal 15min reported that the responsible authorities are currently investigating not only the data leak at the Centre of Registers (CR) but also the circumstances surrounding possible hacks into the accounts of employees at institutions under the Ministry of the Interior (MoI).
According to the portal’s information, the ministry’s leadership may have been aware of the hacking of several dozen MIA IT system accounts as early as the beginning of May, and this was also mentioned in some inter-agency consultations.
Minister of the Interior Vladislav Kondratovič stated that the ministry's and the public's biometric data are secure. He clarified that no data leak has been detected at this time and that suspicions of a potential breach concern the email accounts of employees at MIA institutions.
ELTA reports that the Prosecutor General’s Office is investigating an incident in which more than 600,000 real estate records may have been stolen from the RC, resulting in damages of at least EUR 111,000.
According to the Data Protection Inspectorate, the number of residents affected by the theft is slightly lower—approximately 0.5 million.
Adrijus Jusas, the former Head of the RC who has since stepped down, stated that a large-scale data leak from the registries was detected as early as the beginning of April, but the law enforcement investigation limited the ability to report the incident; prosecutors began the investigation on April 5.
The RC stated that its duty is to inform residents about the theft of their data, not to inform the public about the pre-trial investigation.