Newsroom
A coordinated cyberattack has struck the Greek Land Registry, compromising one of its databases containing property ownership information across the country. Authorities are assessing whether the breach involved data theft or the deployment of ransomware, which could block access to the database until a ransom is paid.
The Greek National Cyber Defense Directorate is involved due to the registry's status as critical national infrastructure.
According to sources, the attack was launched from at least two different points over recent days. Hackers stole user credentials from employees at the Greek Land Registry’s central offices, gaining access to their computers. Once the breach was detected, the central office's computer system was immediately locked down, and employees were instructed to change their passwords and enable two-factor authentication.
A senior official from the Ministry of Digital Governance disclosed that in one instance, hackers obtained files from employees' computers, which were considered of minor importance. However, yesterday evening it was revealed that a key server of the Greek Land Registry's Information System (SPEK) was compromised, specifically a backup of the registry's database.
As of late yesterday, it was confirmed that no damage had been done and no citizen data had been removed. However, the hackers left no trace of what files they may have copied or whether they installed ransomware, which might not have been activated yet.
Late yesterday, the ministry issued a statement asserting that "preliminary analysis indicates the attack did not achieve its objective on any critical infrastructure, and all digital services remain operational."
Given the Greek Land Registry manages over 1,500 terminals and servers, assessing the full extent of the attack will take time. The Cyber Defense Directorate is expected to submit a report on the incident in the coming days.
The incident is significant as the registry's database holds all real estate ownership information in Greece, including personal data of property owners. This information is highly valuable and not freely available online, with access restricted to certified lawyers, notaries, and engineers, besides registry employees.
Fortunately, the system breach has been sealed, no damage has been detected, and the registry’s transaction system remains unaffected. Consequently, transactions and digital services continued as usual across the country yesterday.
The registry's data is stored with multiple security layers, including different firewalls, and backups are kept on servers located outside the registry’s main infrastructure. One such backup server was targeted in the attack.
Earlier this month, the Information Society launched an open international tender for enhancing public sector information and system security, including the Greek Land Registry. The €47.3 million contract, funded by the Recovery Fund, aims to evaluate readiness against cyberattacks, update or maintain technological equipment, and provide specialized security services to strengthen the perimeter security of critical IT infrastructure.
