Data from the Statistical Office are safe

The process of ongoing activities runs smoothly

Regarding the information in the media, about hacker attacks on the information system of the Statistical Office, we are informing the public about the facts that confirm that this institution is unhindered in performing its legally defined activities, as well as that all databases are safe.

A cyber incident in the information system of the Statistical Office occurred on November 14, 2024 at 11:45 p.m. The incident was identified as a ransomware attack (medusa locker), and the same was reported, in accordance with the Law on Information Security, to the competent authorities who are conducting proceedings within the scope of their jurisdiction.

Therefore, it is not true that Statistical Office hid that a cyber incident had occurred, but on the same day informed the relevant competent authorities in order to review the facts and obtain final findings on the incident.

Above all, Statistical Office did not suffer any damage from the mentioned cyber incident and is unhindered in performing all tasks prescribed by law.

All data are saved, the system was revitalized from a backup, and after a few days it was returned to a full function. Also, all active servers and computers in the network have been scanned with the latest version of the corporate antivirus, while infected machines have been isolated and shut down, and will not be in function until forensics by the competent authorities are completed.
The Statistical Office implements all information security measures in its information system for the purpose of data security. In accordance with the internal procedures related to cyber security and incident management, Statistical Office performs daily and weekly backups of databases, both on servers, and on external memories (offline backup), which are stored in the prescribed manner.

Census data are isolated and completely safe

The computer network used to process the 2023 Census data, and associated databases were not the subject of the attack, and are located in an isolated system, thus there is no possibility of this type of incident. Also, as we have repeatedly communicated to the public, for the purposes of the census, special mechanisms and rules have been developed in order to protect data as well as control and restrict access to them, which makes the census data completely safe.

In accordance with the above mentioned, we kindly ask the media to report objectively, and we are informing that Statistical Office has undertaken all activities, and established additional control mechanisms that ensure a full data protection.

Therefore, having in mind all of the above mentioned, Statistical Office did not inform the public about the cyber incident because the procedure is ongoing, and finally the incident did not have a significant impact on the smooth operation of the Statistical Office and data security.

Release