Blocking ads removes funding from us!
Researching and writing articles takes a lot of time. Operating our infrastructure costs money.
All of this is funded with advertising revenue.
We don't like advertising either - that's why we avoid annoying banners and pop-ups.
Please give us a chance and deactivate your adblocker!
Alternatively, you can support us here voluntarily.
Language:  Deutsch English (Beta)

Follow us:

Data leak at Viennese libraries: data from over 700.000 users in the network

Image: pixabay.com
(Post picture: © 2019 pixabay.com)

Almost two weeks ago it became known that the database of the Vienna libraries had been hacked. Now the extent of the attack seems to be greater than previously assumed. Not 77.000, but over 700.000 users are affected. It all went online.

On June 14th, a hacker cracked the loan database of the Vienna libraries. Shortly afterwards, the database was taken offline. The system is still unavailable to this day. On the Website one writes that "media borrowed until restoration is automatically renewed". So far, however, there has been talk of an affected number of 77.000 users. According to current information, such as the "Futurezone" reported, but there are probably 713.677 affected users. this has "Offensity" in a blog post now announced.

Review: A few days earlier - on June 10th - the hacker complained on twitter via the poor WAF (Web Application Firewall) of the Viennese libraries. Since the City of Vienna, WienCERT and the Viennese libraries did not react to his information that he had stolen over 400 user data, the hacker finally got the copy of the database published on Twitter.

Data leak at Viennese libraries: This data was tapped

Anyone who has ever borrowed a book from the Vienna libraries is most likely affected by the attack. Specifically, these data records of the readers were saved for most of the users:

  • First name Last Name
  • Date of birth = password
  • Phone number
  • E-mail address
  • Full address
  • Any notes, such as reminders / blocks

further data include (Extract according to the Viennese libraries) the following:

  • User number
  • User identification
  • Gender
  • Filing date
  • Valid until
  • Blocked until
  • Branch
  • Last loan (date)
  • Years (age)
  • How many loans have been made in the current year?
  • How many loans have been made since the reader started using the Vienna libraries
  • Title
  • ID until
  • How many loans were made in the previous year
  • ID number
  • salutation
  • Fee dunning dates
  • last activity
  • Active branch
  • Individual comment (discount comment, student group identifier)
  • Free text comment
  • User group
  • User name
  • Fax number
  • Comments on fee-relevant booking processes
  • Note (free text)
  • Free text comment in connection with locks
  • Identification of whether the reader should be evaluated using the daily closing (transfer to statistics tables)
  • Resubmission date for free user groups
  • Proproject field (field is used to specify at Proprojects to save the borrowing history)

In addition, Offensity has published a graphic that shows the users concerned. There you pulled the complete data set and analyzed it in detail. Duplicate records have been removed and merged. The address data are said to have been stolen from almost all users - around 99,94%. In second place are email addresses with 70,34%.

This data was stolen in the hacker attack. (Image: Offensity)

How Elke Bazalka, Head of the Libraries Vienna to the "Der Standard“Opposite now reported, they are currently working on a new system for the Vienna libraries. This should be checked for security by means of penetration tests before publication - on July 1st, the online catalog and the loan system are to be brought online again. The database of more than 300 MB with the user data of the data leak at the Vienna libraries is still available for download on the Internet.

Recommendations for you

>> Current Amazon offers & top deals <

David Wurm

Do that TechnikNews-Ding together with a great team for several years. Works in the background on the server infrastructure and is also responsible for everything editorial. Is fascinated by current technology and likes to blog about everything digital. In his free time, he can often be found developing websites, taking photos or making radio.

David has already written 890 articles and left 372 comments.

Web | Facebook | Twitter | Insta | YouTube
notification settings
notifications about
guest
Your name, which will be shown publicly.
We will not publish your email address.
0 Comments
Inline feedback
View all comments