Finland probing 130,000 login credentials breach

A Finland based online service has alleged a large scale strike by the hackers compromising 130,000 login credentials forcing the police to institute an investigation to ascertain the truth even as the company authority partially blames improper data security.

 The Helsinki Police probing the complaint have yet to spot anything that suggests the alleged data breach in the online service deployed to create and develop business plans in the country.

 The Finnish Enterprise Agency for Helsinki which lodged the complaint with the police investigators have also failed to provide plenty of evidence or inputs to substantiate the allegation of the biggest possible incident of data breach in Finland.

 The enterprise agency has only disclosed that, one of the country’s online service meant to create and develop business plans has possibly been hacked where around 130,000 users are made to bear the brunt.

 The online service establishment, in a communique, fears that with the strike, the hackers might get the access into the details of the business plans--the crucial asset belonging to it. But the initial enquiry has not been able to reveal the extent of data breach and the crucial inputs of the possible incident.

The investigators, therefore, are widening the area of the probe acting on more inputs from the enterprise agency. The agency authorities claimed to have detected the possible strike by the hackers during a routine monitoring operation.

The National Cyber Security Centre (NCSC-FI), the centre that functions under the Finnish Communications Regulatory Authority has maintained that the crucial credentials could be pilfered within a few minutes since these were not encrypted.

 According to FICORA, the passwords should be stored as cryptographic digests and once this is done without fail, the hackers could finds it more difficult to extract the advantage thereof.. Jarmo Hyökyvaara, who happens to be the chairman at the board of the Enterprise Agency for Helsinki, however, is helpless to disclose the exact figure of the affected users as he moved the police with the formal complaint.

He said the customers who are hit hard need not file any complaint afresh. He further observed that data security of the service was not upto the mark and that had it been good enough the incident of data breach could have been avoided.