Estonian Ministries Report Cybersecurity Incidents and Data Breach

The Estonian Information System Authority (known as RIA) announced that three government ministries reported cybersecurity incidents in November resulting in significant breaches of personal data. The Ministry of Economics and Communication, Ministry of Foreign Affairs and Ministry of Social Affairs were impacted.

The affected ministries have been working with RIA to analyse the attack vectors of the breach and contain the intrusions. The three attacks bear similarities as all were directed toward the web server infrastructure.

The information stolen from the Ministry of Social Affairs included data regarding the containment of infectious diseases which affected 9158 people. The Health and Welfare Information Systems Centre was able to restrict access to its systems within 8 hours. The Estonian Health Board will be contacting the persons affected in the near future.

The incidents also affected multiple servers at the Ministry of Economy and Communications. “Despite the seriousness of the incidents there is no threat of disruption of state services. To help counter the threat we have engaged experts from the public and private sector. Now that the initial mitigation efforts are done we need to work together all across the country to keep such attempts from being successful,” Raul Rikk, Head of Cybersecurity Policy at the Ministry of Economy and Communications, said.

In the incident concerning the Ministry of Foreign Affairs, a database containing information already accessible to the public was copied, but no restricted documents or sensitive personal information were retrieved.

“We consider these breaches serious,” Lauri Aasmann, Director of Cyber Security at RIA, said. “The situation is under control as of now. We have informed our partners in the public and private sector about details of these incidents which will help secure against similar attempts in the future. RIA will continue to assess the incidents. We have notified the vendors of these vulnerabilities and patches are already available,” he added.

The National Criminal Police has commenced an investigation regarding unlawful access to computer systems. The investigation is being led by the Office of the Prosecutor General.

RIA has compiled the initial details of the incident and shared its recommendations with the IT security experts at Estonian public sector institutions and operators of vital services.

Seiko Kuik
Press Officer of the Information System Authority
5851 7028 
