DATAHACK OLD MIJNKNWU ENVIRONMENT
We regret to report that a data hack has taken place in our old MijnKNWU environment. It is no longer in use for the public since the beginning of this year, but could still be consulted for internal and historical use. The breach affected the personal information of our members or people included in our legacy database for any reason.
What does this mean for you?
The data from the old MijnKNWU environment has been stolen. This means that all data that has been in this database is in the hands of third parties. This includes personal and contact details. At the bottom of this email we give tips on what you can do to limit / prevent further consequences. Our urgent advice is to read it carefully and apply it, if applicable to you.
Reporting and reporting
The data hack was immediately reported to the Dutch Data Protection Authority after discovery and a report was made to the police. In addition, we are conducting even more extensive research into the exact circumstances of this.
The hackers have asked for a ransom to regain possession of the data. We do not respond to this requirement on the advice of the directly engaged and questioned parties. On the one hand, because backups have been made of this data and this data only contains historical data. On the other hand, because paying this ransom in no way guarantees that the data will not be used for other purposes.
Consequences for the current MijnKNWU environment
The data from the old MijnKNWU environment was migrated to the new MijnKNWU environment in January. This means that you did not have to change your username and password. It is important that you do this as soon as possible. The data hack has no further consequences for the current MijnKNWU environment and its security. This is because the data hack took place in the old MijnKNWU environment. It also does not affect membership renewals and / or applications for next week's licenses that will run entirely through the new system.
More information
If you want to request more information about the infringement, you can contact Mirjam Tuithof. She can be reached [email protected] hope to have informed you sufficiently about this breach. We are continuously working to improve security and counter the consequences of attacks such as this breach.
Tips
We would like to prevent the data stolen from the KNWU from being used for illegal purposes. For the coming period, a number of things are important and we would like to point out the tips below.
1. Change your passwords and use password phrases and / or a password manager.
The most important is "Change (if possible) your username and passwords on our and other websites where you have used the same usernames and / or passwords. It can be difficult to remember all passwords.Here you will find a number of password managers to keep your passwords safe.
2. Do not click on payment links or login links in emails.
Many emails make it easy for the reader to log in to a website or make a payment. Malicious hackers often use these types of links in emails to send the reader to a fake website where they then enter their login details and reveal them. The best way to avoid this is not to click on that link, but just surf to the appropriate website of the agency and log in yourself.
3. If you do not expect an invoice or payment request from an agency, please contact them.
If you receive an invoice from us or another organization that you cannot place, please contact us by phone or e-mail. If the invoice is genuine, the financial administration can confirm this.
4. Do you want to know whether your data has been looted on other websites?
Unfortunately, the stealing of user data happens more often than you might think. Onhaveibeenpwned.commany websites keep track of which data was stolen from previous hacks. Here you can get a picture of whether your email address has been stolen before by entering your email address.
What does this mean for you?
The data from the old MijnKNWU environment has been stolen. This means that all data that has been in this database is in the hands of third parties. This includes personal and contact details. At the bottom of this email we give tips on what you can do to limit / prevent further consequences. Our urgent advice is to read it carefully and apply it, if applicable to you.
Reporting and reporting
The data hack was immediately reported to the Dutch Data Protection Authority after discovery and a report was made to the police. In addition, we are conducting even more extensive research into the exact circumstances of this.
The hackers have asked for a ransom to regain possession of the data. We do not respond to this requirement on the advice of the directly engaged and questioned parties. On the one hand, because backups have been made of this data and this data only contains historical data. On the other hand, because paying this ransom in no way guarantees that the data will not be used for other purposes.
Consequences for the current MijnKNWU environment
The data from the old MijnKNWU environment was migrated to the new MijnKNWU environment in January. This means that you did not have to change your username and password. It is important that you do this as soon as possible. The data hack has no further consequences for the current MijnKNWU environment and its security. This is because the data hack took place in the old MijnKNWU environment. It also does not affect membership renewals and / or applications for next week's licenses that will run entirely through the new system.
More information
If you want to request more information about the infringement, you can contact Mirjam Tuithof. She can be reached [email protected] hope to have informed you sufficiently about this breach. We are continuously working to improve security and counter the consequences of attacks such as this breach.
Tips
We would like to prevent the data stolen from the KNWU from being used for illegal purposes. For the coming period, a number of things are important and we would like to point out the tips below.
1. Change your passwords and use password phrases and / or a password manager.
The most important is "Change (if possible) your username and passwords on our and other websites where you have used the same usernames and / or passwords. It can be difficult to remember all passwords.Here you will find a number of password managers to keep your passwords safe.
2. Do not click on payment links or login links in emails.
Many emails make it easy for the reader to log in to a website or make a payment. Malicious hackers often use these types of links in emails to send the reader to a fake website where they then enter their login details and reveal them. The best way to avoid this is not to click on that link, but just surf to the appropriate website of the agency and log in yourself.
3. If you do not expect an invoice or payment request from an agency, please contact them.
If you receive an invoice from us or another organization that you cannot place, please contact us by phone or e-mail. If the invoice is genuine, the financial administration can confirm this.
4. Do you want to know whether your data has been looted on other websites?
Unfortunately, the stealing of user data happens more often than you might think. Onhaveibeenpwned.commany websites keep track of which data was stolen from previous hacks. Here you can get a picture of whether your email address has been stolen before by entering your email address.
