Today, May 4, 2022, we received a chat message at customer service with which we were blackmailed into paying a large sum of money in crypto immediately. If we did not do this immediately, we would have a DDoS attack. Our employee immediately responded adequately by informing the right people. Just a few minutes later, the attack was launched.
DDoS stands for Distributed Denial of Service. It means that the attackers send a large amount of data to our servers, overloading them. This makes the site in question slower and the site can even go completely offline. This can take a few hours to even a few weeks.
In our case, that happened too. Shortly after the attack started, the servers went down and the PriPortal was no longer accessible. Our in-house IT team started immediately after the report and was able to redirect the attack after a few hours. In the meantime, the peace has returned reasonably well, but we do see that there is still an attempt to send an unusual amount of traffic to the servers. This can result in the PriPortal reacting a little slower at times, but all functions are operational again.
The DDoS attack is not a security leak. There has been no unauthorized access to the portal in any way and/or data from our customers has been viewed. Against a DDoS attack there is actually very little to do. On the other hand, there is a lot to do against hacking. As a company, you need to have a strong IT team with specialized security specialists who continuously work on the security of the software and systems. We are extremely proud of our IT team and the way in which they have tackled and solved this together.
We now know that the attackers come from Russia. Perhaps we are a target because we help Ukrainian refugees with a free postal address. Or maybe it’s because we now have many thousands of customers from more than 88 countries who entrust us with their mail with sometimes sensitive data. Or maybe it’s just a bunch of criminals who want to make big money. Whatever it is.. we do not give in and do not bow to terror.
The PriGroup attaches great importance to the privacy of our customers. For that reason, we have, among other things, set up the two-step verification to log in. A decision that sometimes frustrates because logging in always has to be done via an IP whitelisting, or a trusted browser or with the google authenticator. However, this offers a much better security with which we keep unwanted visitors out.
We apologize for any inconvenience caused by this attack. We are working to give our systems extra capacity so that we can switch servers faster. There are now additional layers of security built in that allow us to respond even faster should this occur again in the future.
Have a nice Liberation Day tomorrow!