TWO INVESTIGATIONS are under way by gardaí and the Office of the Data Protection Commissioner following the theft of personal data belonging to 2,000 members of the public from a Fine Gael website on Sunday night.
The party contacted gardaí yesterday after media outlets were e-mailed by someone claiming to be from online activist group Anonymous.
The e-mail claimed the group, which has been waging a campaign of cyber attacks in defence of WikiLeaks, was responsible for the attack against the Fine Gael website.
A party spokesman said the “extremely sophisticated intervention” on Fine Gael’s US-hosted website is also likely to be investigated by federal authorities.
Emblazoned with the Enda Kenny-attributed quote “One of the big failings of politicians is that they talk too much and don’t listen enough,” the Fine Gael website invited users to submit comments along with contact details.
The attack took place between 8pm and midnight on Sunday and the following message was posted by the hackers: “Nothing is safe, you put your faith in this political party and they take no measures to protect you. They offer you free speech yet they censor your voice. Wake up!”
A file containing personal information – including IP addresses, mobile phone numbers, e-mail addresses and comments left on the website by some 2,000 members of the public – was then forwarded to the media by e-mail from someone purporting to belong to the Anonymous group.
The sender claimed the site was attacked because comments submitted “were being censored”.
The Fine Gael spokesman disputed this claim and said comments were only moderated for profanity, abusive language or continuous party political attacks.
The Garda’s computer crime investigation unit has undertaken to investigate the attack.
Assistant Data Commissioner Diarmuid Hallinan at the Office of the Data Protection Commissioner also confirmed that his office was investigating the breach.
The focus of the commission’s investigation is to ensure that appropriate safeguards are put in place by the party to preserve the safety of personal data it holds and to ensure it takes precautions to resist future hacking attempts.
Fine Gael has suspended the website temporarily but is hoping to have it back online as soon as possible. The party contacted those affected by the security breach yesterday, as is its obligation under data protection rules, and notified them that their details had been compromised.
A claim that the group responsible for the attack was the same as that associated with the WikiLeaks investigation and recent attacks on Visa, Mastercard and Amazon was met with some scepticism yesterday.
Online bulletin boards and hacker websites questioned the modus operandi of the hackers, which differed from the usual denial-of-service methods associated with the Anonymous group.
One unofficial WikiLeaks information resource, WL Central, said there was “little apparent reason in recent news why Anonymous would target an Irish political party”, suggesting instead that “a more cautious approach” would be to assume that the attack was carried out “to expose lax information security” on the site.
ANONYMOUS GROUP: WIKILEAKS CONNECTION
THE ANONYMOUS group is a loose umbrella organisation of computer-literate activists who have organised attacks against websites in the past. The group has most recently been associated with attacks on companies that have moved against WikiLeaks founder Julian Assange.
The methodology used by the group is usually a distributed denial-of-service attack where mass attempts are made to access a particular website.
If successful, these attacks overload the target website with repeated requests for access.
A blog linked to the group’s Twitter account said in December: “The message is simple: freedom of speech. Anonymous is peacefully campaigning for freedom of speech everywhere in all forms. Freedom of speech for: the internet, for journalism and journalists and citizens of the world at large.
“Regardless of what you think or have to say, Anonymous is campaigning for you.”
