A threat actor claims to have breached Cyprus Post, the official postal service provider for the Republic of Cyprus. The actor alleges the breach was accomplished by exploiting a vulnerability in the organization’s “Thalis” system. An announcement on the official Cyprus Post website confirms that the “THALIS system is out of service for security reasons.”
The breach appears to have exposed highly sensitive communications and parcel information related to numerous government agencies, police departments, and international embassies.
According to the actor, the compromised data is extensive and includes a wide range of sensitive information. The allegedly exfiltrated data includes:
- Internal network information, IP addresses, and user credentials.
- Employee and customer email addresses.
- Parcels, mail, and invoices for various entities.
- Physical addresses and phone numbers of businesses and individuals.
- Tracking details for mail sent to sensitive government bodies, including the Presidential Palace, various ministries (Justice, Finance, Health, etc.), Cyprus Police entities, and Nicosia Central Prison.
- Communications and shipping details related to the embassies of Ukraine, Saudi Arabia, Russia, Israel, Spain, Romania, and France.
- Internal financial transaction logs and tracking codes.
