The Ministry of National Defence (MApN) said on Wednesday that email accounts belonging to its employees that were compromised by hackers linked to Russia did not contain classified data, but were used for administrative activities and the circulation of public information.
According to the ministry, the security incident was detected in March 2025 and involved the compromise of several dozen email addresses. Attempts to exploit a further 30 email accounts were unsuccessful. The incident was identified, analysed by the relevant structures and contained within 24 hours, the source said.
"The data concerned were unclassified and routinely used for administrative activities and the exchange of public information, so there was no possibility of accessing or exfiltrating classified data," the ministry explained.
To prevent similar incidents in the future, cybersecurity responsibilities have been centralised at national level since March, MApN said, adding that it continuously monitors its infrastructure and applies measures to eliminate potential vulnerabilities.
Hackers linked to Russia have carried out a wide-ranging cyber-espionage campaign targeting Ukraine and several European countries, including Romania, according to data analysed by Reuters.
In Romania, at least 67 email accounts belonging to the Romanian Air Force were compromised, including accounts linked to NATO air bases and at least one senior officer, highlighting the potential security sensitivity of the breach. The attacks form part of a broader operation uncovered by Ctrl-Alt-Intel, which found that at least 284 inboxes were compromised between September 2024 and March 2026.
While most targets were Ukrainian officials involved in anti-corruption and counter-espionage efforts, the operation also extended to NATO countries such as Greece and Bulgaria, highlighting the broader regional scope of the attacks.
Researchers say the data - accidentally exposed online by the hackers themselves - provides rare insight into the workings of a Moscow-linked espionage campaign. The operation has been attributed by some analysts to the group Fancy Bear, although this attribution remains disputed, added.
Comentează