Embassies of Malta Servers Compromised
The information security and risk management department of the Malta IT Agency (MITA) on Wednesday identified unauthorised software on a server used for the storage of user credentials of personnel in embassies of Malta abroad.
MITA said [.pdf]the unauthorised software was identified by security monitoring and alerting tools recently deployed by the agency as part of an overall framework of security tightening.
Immediately upon detection MITA requested its US-based IT security advisory firm to provide it with an assessment of the potential breach based on the evidence collected by MITA.
Preliminary analysis indicates that the software only had the potential to extract user names and passwords on the embassies server.
Although MITA has no evidence that any breach occurred, throughout Wednesday night, to ensure absolute safety of the integrity of data in its responsibility, MITA carried out an operation which entailed the disabling of all accounts of users on the embassies’ server and users occupying sensitive positions.