Ransomware group Conti leaked customer data of eight Dutch housing associations. The associations were attacked after a breach of their IT service provider, The Sourcing Company.

On March 27, Conti infiltrated the servers of The Sourcing Company. The Dutch IT service provider works for several housing corporations. Conti used the initial break-in to crack the systems of eight housing corporations.

The most recent confirmation came from l’escault, a client of The Sourcing Company. This morning, the housing association announced that citizen service numbers, dates of birth and customer account numbers had ‘possibly’ been stolen. Meanwhile, it’s become clear that Conti leaked the customer data of one or more associations.

The ransomware group published eight gigabytes of personal data on the dark web, including bank details, addresses and identity document copies. The total amount of data stolen is estimated at 200 gigabytes. The eight affected housing associations are responsible for the tenants of more than 75,000 homes.

The housing corporations jointly announced that they do not intend to pay the ransom. According to BN de Stem, Conti is asking for 15 million euros.

The Sourcing Company

The Sourcing Company is still recovering. Johan van der Blom, managing partner at The Sourcing Company, clarified that Conti managed to infiltrate some of the company’s online backups. According to the managing partner, The Sourcing Company has offline copies.

Both the housing corporations and The Sourcing Company reported the incident to Autoriteit Persoonsgegevens, the Dutch GDPR authority.

Tip: Ransomware: how dangerous is it, and how to protect your company?ware