Hackers attack public medical insurer

A group of hackers who had previously attacked the websites of political parties reportedly obtained information on thousands of insurance customers.

Anonymous Austria, the Austrian department of an internationally operating network of hackers, claimed yesterday (Weds) they got hold of data containing information about thousands of clients of Tyrol’s public health insurance company TGKK. The hackers said they were now in possession of 600,000 TGKK data sets.

Anonymous Austria announced they did not have to attack the insurer’s internet representation to steal the information. The group claimed it “stumbled across” the data. The Kronen Zeitung newspaper reports today that singer Hansi Hinterseer, actor Tobias Moretti and skier Nicole Hosp are affected. According to the Kurier newspaper, real estate developer Rene Benko is also among those who suffered a theft of private information.

A TGKK official stressed he could rule out that the hackers managed to get through the firm’s double firewall. He also dismissed speculations that highly confidential information such as people’s medical histories were stolen in the incident which is investigated by the Tyrolean Office of Criminal Investigation.

Hans Zeger of ARGE Daten, a group for data protection, did little to try and hide his anger about public and private institutions’ “negligence” when it comes to securing online data. “We have kept underlining that many systems do not even meet a minimum of requirements considering safety aspects,” he told the Kurier today.

Anonymous Austria has campaigned against a draft bill by the government coalition of Social Democrats (SPÖ) and the People’s Party (ÖVP) allowing investigators to store communication data of citizens such as mobile phone and internet records for up to six months. ÖVP Interior Minister Johanna Mikl-Leitner claimed the change of laws was needed to help police fight organised crime and terror cells. Some changes were made to the proposed bylaw after some SPÖ officials criticised the initial draft bill. The harsher law will come into effect next year.

The Austrian hackers also crashed the homepages of the SPÖ, the right-wing Freedom Party (FPÖ) and the Greens. All incidents occurred in July. Anonymous Austria disassociated themselves from the attack on the website of the federal Green Party a few days after login information of 13,000 users and administrators of the site were stolen.

SPÖ General Secretary Laura Rudas branded the attack on her party’s homepage as a “disgrace”. Rudas said the website had to be reprogrammed after the incident. Anonymous Austria announced after pouncing on the FPÖ’s internet presentation that they disliked the party for its “blunt racism and xenophobia”. The ÖVP and the Alliance for the Future of Austria (BZÖ) have so far been spared from significant attacks by hackers.

Anonymous Austria also caused a stir in July by stealing 214,000 customer data sets from GIS. The company is an affiliate of Austrian broadcaster ORF and responsible for the management of radio and television fees paid by residents of Austria. Nearly half of the records contained information on people’s bank accounts, a spokesman for GIS said. GIS officials initially claimed that the incident had only “little impact because (customer) data is located on several servers” before admitting the scale of the attack.

GIS manages data of ORF’s 3.5 million private and business clients. Data sets stolen and published by Anonymous Austria contained information on police officers and people working for the federal interior ministry.

Only a few days ago, the group revealed personal data of employees of the federal police, information of various government ministries and information garnered by the city of Vienna in polls. The hackers claimed they discovered some of the nicked data by “searching for it using Google”.

Speaking about who they are, an unnamed Anonymous Austria representative told the Kurier in July: “Pupils, university students and young employees can be found among our members, but also unemployed people, civil servants and members of the army.”

Asked for their motives, the Anonymous Austria member said: “Politicians are like pigeons – they shit on your head after you fed them. We cannot go on like this.”

The hacker warned: “We won’t stop in the foreseeable future. (…) Most of us are ready to risk getting punished for what they are doing. (…) Some of us may calm down if lawmakers show the will to allow more direct democracy.”

Austrian police said people being caught infiltrating computer networks face five years behind bars. Trying to get hold of any kind of data with illegal means is a criminal act punishable to the same extent in Austria, they explained, adding that offenders could be ordered to come up for their victims’ financial damage.