Romanian government site cloned in data theft scam as cyber attacks disrupt property services

Romanian authorities warned on Wednesday about a cloned version of the government's Ghișeul.ro platform used to steal personal and banking data. The National Cyber Security Directorate (DNSC) said fraudsters created a near-identical copy of the site to trick users into entering sensitive information.
"Orice site poate fi clonat. Sunt copiate toate elementele și introduse în site-ul clonat," said DNSC spokesperson Mihai Rotariu. Users are advised to manually enter the official URL and verify secure connections, though DNSC warns that secure connections alone don't guarantee authenticity.
Meanwhile, a data breach at European booking system Secureholiday exposed personal information of 41,577 Dutch campers. The breach, discovered on February 28, affected bookings at 500 campgrounds across Europe. Stolen data included names, email addresses, travel destinations, and payment amounts. Cybercriminals used this information to send phishing emails in May and June, demanding credit card payment confirmations.
In a separate incident, a cyber attack has disrupted services at Romania's National Agency for Cadastre and Real Estate Advertising (ANCPI). The agency's systems, including the e-Terra application for cadastre and land book services, have been down since July 14. ANCPI estimates services won't be restored until the end of this week, affecting property registrations and transactions.
The incidents are part of a broader wave of cyber threats. In Germany, hackers stole customer data from Lidl's online shop, including phone numbers and email addresses. In New York, Governor Kathy Hochul imposed a one-year moratorium on new large-scale data centers due to energy consumption concerns.
DNSC recommends verifying website URLs and avoiding links from unknown sources. ANCPI assured that stored data was not compromised. Secureholiday's parent company Ctoutvert patched the vulnerability but many users received warnings only after falling for phishing attempts.
The Fraudehelpdesk, a Dutch fraud reporting organization, has received nearly 1,100 reports this year of similar phishing attempts. "You can basically make everything look very realistic with the techniques that exist now," said Eunice Bom from the Fraudehelpdesk. "It is so almost impossible to distinguish from the real thing."
In Romania, around 270 individuals in Brașov and other counties reported they cannot complete property purchases before a July 31 tax deadline due to the ANCPI outage. The agency said all systems, including email and the e-Terra application, are affected.
The Secureholiday breach affected bookings in 18 countries, including the Netherlands, Germany, Belgium, France, Spain, the United Kingdom, and Denmark. The system handles bookings for 4,300 campgrounds and processes about 1.2 million reservations annually.
Ctoutvert said it patched the security vulnerability the same day it was discovered and notified affected campgrounds. However, many warnings reached campers only after they had already started questioning the suspicious emails.
In Germany, Lidl confirmed that hackers gained access to customer data from its online shop. The company has not specified how many customers are affected or how the breach occurred.
The New York moratorium applies to data centers consuming at least 50 megawatts of electricity, equivalent to the consumption of 50,000 households. Governor Hochul's decision challenges the Trump administration's push for accelerated AI deployment.
In Romania, DNSC continues to investigate the Ghișeul.ro cloning incident and the ANCPI cyber attack. Authorities advise users to be vigilant and report any suspicious activity.
The ANCPI attack has caused significant disruption, with users unable to access cadastre services, land book records, or process property documentation. The agency has assured that stored data remains secure.
In the Netherlands, campers have taken to social media to warn each other about the phishing scams. The Fraudehelpdesk advises people to verify any payment requests directly with the campground before taking action.
The Secureholiday breach highlights the growing threat of phishing scams following data breaches. Cybercriminals use stolen personal details to create convincing fake emails, making it difficult for users to distinguish between legitimate and fraudulent messages.
In Romania, the DNSC has issued guidelines for users to protect themselves from cyber fraud. These include verifying website URLs, checking for secure connections, and avoiding links from unknown sources.
The ANCPI cyber attack is the most severe technical disruption in the agency's history, according to officials. The outage has raised concerns among real estate buyers who risk missing the July 31 deadline for reduced tax rates.
In New York, the moratorium on data centers reflects growing concerns about energy consumption and environmental impact. The decision has drawn criticism from tech companies but has been welcomed by environmental groups.
The incidents serve as a reminder of the ongoing threat of cyber fraud and the importance of vigilance when sharing personal information online. Authorities continue to investigate and urge users to report any suspicious activity.
Follow us for live European news
- 3
- 2
- 2
- 1
- 1
- 1
- 1
- 1
- 1
- 1
2 further sources not geolocated





