Over the past few days, Danish media has reported stories about source code thefts involving Danish net companies.
One incident involved the simple theft of Netcompany Denmark’s source code and user manual.
This incident can be argued to be a ransomware attack.
The data theft has not affected Netcompany’s or our customers’ operations and services.
We know how the theft occurred, the scope of the theft, and the source code and user manual of Netcompany tools.
Since the discovery of the simple theft, we have worked closely with authorities and implemented additional mitigation measures to ensure a continued high level of security in our production system environment.
We take the necessary precautions to ensure that stolen files are not used to gain unauthorized access to our systems.
In Denmark, Netcompany operates several government-critical systems and cannot use stolen files to gain unauthorized access or compromise these systems in any way. Additionally, stolen files cannot be used to gain unauthorized access to production systems.
The stolen files that were subsequently leaked stemmed from the same incident: data theft of Netcompany source code for Netcompany tools and user manuals.
The passwords in the stolen files could be used to access Netcompany and its customers’ systems, with media reports stating that “…password Netcompany123 grants access to most system environments.” did. That’s not true. “Netcompany123” is not an actual password, but an easily recognized placeholder that is replaced with a strong security profile password when the source code is released into production, so it cannot be accessed on a running system.
There is no indication that a simple theft event is part of a supply chain attack.
We take this matter very seriously. We are in close contact with the Danish customers listed in the stolen data and are cooperating with authorities.
Additional Information For additional information, please contact Netcompany Group A/S.
Thomas Johansen, CFO, +45 51 19 32 24
Frederikke Linde, Head of Investor Relations, +45 60 62 60 87
attachment
