Royal Dutch Cycling Union (KNWU), the national governing body for cycling in Netherlands announced a data breach involving stolen data from its database consisting of members, personal and contact details on November 27, 2020.
KNWU organizes cycling events and competitions in the Netherlands, providing a roster of benefits, discounts, cycling insurance and others. The database affected was a previous incarnation of the MijnKNWU platform, which contains members access to the benefits.
In a statement issued by the union they urged the members to update their passwords after being hit by the data breach. It did not indicate what types of personal data were involved or how many individuals were affected.
They had received a ransom demand stating that the stolen data would be returned to the body only if it paid up. They did not disclose the sum demanded.
The union had decided not to pay the attackers as they had a backup of the data and paying up would not guarantee that the hackers wouldn’t abuse the data for illegal purposes anyway.
KNWU members were urged not to click on any emails pretending to come from the KNWU. These phishing strategies allow hackers to get a hold of the personal information and login credentials of members.
Members were also asked to phone or email the association to validate the authenticity of any invoices or payment requests received.
People can still renew their memberships and submit applications, while the investigation is going on. The breach doesn’t impact the security protocols. The Netherlands Cycling Union is taking steps to improve its security.
Post comments (0)