Source: in-cyprus.philenews.com
Cyprus police are investigating a cyberattack on the Thalis postal tracking system after a hacker claimed to have stolen data and offered it for sale on the dark web.
The Electronic Crime Subdivision is working to prevent document leaks and investigating the claims, police spokeswoman Kyriaki Lamprianidou said.
Police contacted the Digital Security Authority (DSA) on Monday after becoming aware of claims that classified government documents may have been leaked to the dark web, she said.
“From the first moment the claim came to our attention that classified documents from Republic services may have leaked to the dark web, we contacted the Digital Security Authority and requested information to investigate potential crimes and to take preventive measures,” Lamprianidou said.
Official briefings indicate no evidence of leaked content from confidential documents, only data related to their circulation. However, authorities are not downplaying the incident, with both police and the DSA taking action.
Communications Commissioner Giorgos Michailidis confirmed the authority’s involvement. “When the incident came to our attention, even though Cyprus Post is not considered critical infrastructure of the Republic, we became involved,” he said.
Cyprus Post announced on 30 September that the Thalis system was offline for security reasons. The incident gained wider attention in recent days following reports by English-language websites that analyse cyberattacks.
The hacker, using the alias ByteToBreach, advertised lists of official email addresses, financial data, official email correspondence and parcel delivery information for sale.
The hacker claims the data relates to the Presidential Palace, embassies, police and the Central Prisons.
Dark Net Search reported on 3 October that ByteToBreach announced on the Dread forum having extracted thousands of documents from the Thalis system.
The leaked files reportedly include parcels, invoices, police communications, embassy correspondence and shipments to the Presidential Palace, with messages originating from entities in England, Luxembourg, Poland and other EU countries.
Cyprus Post director Pavlos Pavlidis said the hacker gained access to one of the postal service’s systems. “With the investigation we have done so far, it appears he took some screenshots from system screens, which he has leaked on the internet and which show some entries concerning items. There are also some photographs of items and some photographs of the internal statements of cash receipts from some offices,” Pavlidis told Sigma TV on Tuesday.
Authorities remain vigilant given upcoming political and international developments, including Cyprus’s EU Council presidency from 1 January to 30 June 2026. An expert told Phileleftheros that the coming months do not permit relaxation on cybersecurity matters.
Cyprus Post is not classified as critical infrastructure, and no formal complaint was filed with police following the attack.
Five-hour government outage unrelated
A five-hour outage affecting government systems on Tuesday was unrelated to any cybersecurity issue, according to officials.
The Deputy Ministry of Research and Innovation said the problem arose when a passing lorry severed an aerial telecommunications cable belonging to a service provider.
The outage prevented government employees from accessing local networks, internet services and email. Citizens were unable to access certain government online platforms. The problem was resolved gradually.
Communications Commissioner Michailidis said no information had been presented indicating Tuesday’s incident was related to any cybersecurity issue.