Play ransomware operation conducted a cyberattack on the Belgium city of Antwerp on 05/06 December 2022. The impact of the attack was felt in all the sectors of the city, to include: Schools, Daycare Centers, Healthcare, Reservation Sytems, Police, Job Application Services, use of Libraries, Land and Building Registration Services, Email and Phone Systems, among others.
According to Het Laatste Nieuws (HLN), the News Agency, the hackers were able to disrupt Antwerp’s services after breaching the servers of Digipolis, the city’s digital partner that provides administrative software. Reports from reliable sources also indicated the theft to be the largest stolen data till date from public service in the country. The cache reportedly included, health records, government records, car plates, crime report files, investigation reports, and fines paid by the residents from the past 16 years, among others. However, data from Antwerp Services, has yet to be leaked, with the threat actors indicating they will begin publishing data in a week unless a ransom is paid.
Play ransomware claims attack
Though there has been a denial of service, the exact magnitude of the data lost or corrupted has not been released to the media or public. Play ransomware is a relatively new operation, launched in June 2022 when victims began describing their attacks. Earlier the said ransomware gang targeted Argentina’s Judiciary of Córdoba, in what was their most significant known attack.
It was only when Play ransomware operation started listing Antwerp as one of its victims, that the world came to know of the Ransomware Attack. This Antwerp entry on the data leak site claims that 557 GB of data was stolen during the attack, including personal information, passports, IDs, and financial documents. The Play group has also communicated and threatened to begin leaking Antwerp’s stolen data on December 19
About Antwerp and the speculated interest of the Attackers
Antwerp is a port city and is situated on the Schelde (Scheldt) River, about 55 miles (88 km) from the North Sea. Antwerp is a city in the State/Province of Antwerpen in Belgium, the other cities part of the Province are Kasterlee, and Lille.
The reasons for this insignificant city, fall victim to the hacker/attacker is not clear; but experts claim that the attack is aimed at extortion of money to sustain the Attacker Group. It is unclear when Antwerp’s IT systems will become fully functional, yet, the Antwerp’s mayor said that the impact could last until the end of December.