Topics
Latest
AI
Amazon
Image Credits:Geraint Rowland Photography(opens in a new window)/ Getty Images
Apps
Biotech & Health
Climate
Image Credits:Geraint Rowland Photography(opens in a new window)/ Getty Images
Cloud Computing
Commerce
Crypto
Enterprise
EVs
Fintech
Fundraising
gizmo
back
Government & Policy
Hardware
Layoffs
Media & Entertainment
Meta
Microsoft
Privacy
Robotics
Security
Social
Space
Startups
TikTok
Transportation
Venture
More from TechCrunch
case
Startup Battlefield
StrictlyVC
Podcasts
video
Partner Content
TechCrunch Brand Studio
Crunchboard
adjoin Us
Belgium is enquire an say data breach of its Department of State security department service ( VSSE ) by Chinese government hackers .
In a assertion sent to TechCrunch on Friday , the Belgian Union prosecuting officer ’s office say an investigating into a cyberattack was opened in November 2023 after it get wind about the alleged rupture .
This confirms an earlier report by the French - language Belgian newspaperLe Soir , which describe that a Chinese hacking grouping gained access to the outside chain armor server of the intelligence agency armed service between 2021 and 2023 .
The unnamed Chinese hacking group reportedly work a exposure in U.S. cybersecurity firm Barracuda ’s software . The critical - rated defect , which Barracuda first disclose in May 2023 , impacts the firm ’s Email Security Gateway ( ESG ) widget , a firewall for filtering inbound and outbound emails for potentially malicious content .
Barracuda spokesperson Lesley Sullivan told TechCrunch that “ questions regarding any breach at VSSE are more appropriately conduct to VSSE . ” VSSE did not respond to TechCrunch ’s questions .
security system researcher at U.S. cybersecurity firm Mandiantpreviously saidthe exposure , which could appropriate hackers to exfiltrate sensitive corporate information , had been exploited as azero - dayby a China - backed cyber - espionage group to target organisation around the world . Almost a third of the aim organization were government delegacy , fit in to Mandiant .
Though a bandage was released for the vulnerability , Barracuda in June 2023urged all touched client to put back ESG appliances affect by the vulnerability . It also advised customers to rotate any credentials connect to the gismo and to check over for signs of compromise date back to at least October 2022 .
Join us at TechCrunch Sessions: AI
Exhibit at TechCrunch Sessions: AI
According to Le Soir , China - back hackers exploit the Barracuda flaw to exfiltrate 10 % of the Belgian intelligence operation religious service ’s incoming and outgoing e-mail . It take down that while classified information was not affected , the personal data of almost half of VSSE ’s employees was accessed , include personal identity documents , résumés , and internal communications .
VSSE reportedly discontinued its role of Barracuda ’s products follow the cyberattack , which was first reported bylocal mediain July 2023 .
Zack Whittaker kick in reporting .
