Hacker attack on the municipal administration of Mellingen
At the end of October, unknown persons carried out a hacker attack on the e-mail accounts of the municipality of Mellingen. The extent of the damage is still unknown.
Old town Mellingen © Depositphotos
As reported by CH Media's daily newspapers, the Mellingen municipal administration discovered that unknown perpetrators had gained access to employees' email accounts over midday on October 27, 2021, and sent spam emails to various recipients in their names over a period of several hours.
The supposed messages contained a real mail history and a link to malware. Bruno Gretener, the mayor of the municipality, was also affected, and e-mails were also sent from his e-mail address. However, the mails were of poor quality in terms of appearance.
Outlook vulnerability known for a long time
After the cyberattack became known, the municipality consulted its IT service provider and IT forensics expert, whereupon the vulnerability was quickly remedied. A criminal complaint against unknown persons was filed with the public prosecutor's office. The case was also reported to the data protection officer.
Interestingly, a long known vulnerability in Microsoft Exchange Server was exploited when Web Access (OVA) was enabled, which sprouted after a September update. The Outlook vulnerability had been exploited by cyber attackers for some time and could only be fixed later by a software update.
The extent of the incident is still uncertain. It is also unknown whether the cyber attackers had also copied data from the e-mail inboxes of municipal employees. Therefore, it cannot be ruled out at this point in time whether sensitive personal data was compromised.
Source: CH Media
