The Croatian Financial Services Supervisory Agency (Hanfa) has experienced a cyber attack, rendering its computer server non-responsive to official email inquiries and causing the unavailability of its website. Hanfa, in collaboration with relevant institutions, filed a criminal complaint, engaging in intensive efforts to address the attack’s consequences. Despite ongoing investigations into the attack’s causes and outcomes, Hanfa is diligently working with internal teams and external experts to urgently recover its digital system, achieving partial website restoration by January 25. While services are temporarily disrupted, the agency assures users of its availability via phone and encourages the submission of documents through its Filing and Records Office.
During the recovery phase, Hanfa establishes electronic communication and significantly restores its website, with further efforts aimed at recovering public registers and pages for registered users. The agency acknowledges potential service interruptions for users during this period but emphasizes its commitment to data security and privacy protection. In line with regulations, Hanfa reports the incident to the competent personal data protection authority, assuring data subjects that efforts are in place to prevent the compromise of personal data. Regular updates on the situation will be provided to data subjects, contingent on the outcome of internal and external investigations, highlighting Hanfa’s dedication to maintaining transparency and protecting individual rights and freedoms.
Amidst the recovery efforts, Hanfa continues regular activities within its jurisdiction and maintains direct communication with supervised entities for the consistent delivery and submission of reports. The agency’s proactive approach in reporting the incident, collaborating with authorities, and implementing recovery measures underscores its commitment to data security, privacy, and the uninterrupted fulfillment of its regulatory responsibilities despite the challenges posed by the cyber attack.
Reference:
