28 February 2024: Netcompany has been subjected to a simple data theft of source code and user manuals, which has been described in several media outlets over the past few days. On 26th February, a 34-year-old man was arrested, and Netcompany now leaves the matter to the authorities and considers the company’s role concluded but will assist the police in the investigation going forward.
Over the past few days, several media outlets have described a data theft at Netcompany. The theft involved source code and simple manuals for Netcompany tools. The theft has not affected the operation or services of Netcompany nor Netcompany’s customers.
On 26 February 2024, the Copenhagen Police arrested a 34-year-old man who was charged with unauthorised access to public authorities and a private company’s data and disclosure thereof. The accused has confessed to the factual circumstances. The accused is not employed by Netcompany.
Netcompany has had an overview of the stolen data and has taken measures to ensure that the stolen files cannot be used to gain unauthorised access to running production systems. Netcompany knows how the theft occurred and is aware of the extent. It is a case of simple theft, where an external login was used to retrieve a limited amount of source code and related manuals for Netcompany tools. The access has been closed.
There has been neither a supply chain attack nor a ransomware attack.
»All involved in Netcompany have handled the matter with utmost professionalism and seriousness throughout the process and investigation of the data theft and have kept a level head. This has been crucial to ensure that the theft has not affected the operation or services of any customers or ourselves. We have had a close dialogue with customers and relevant authorities, and with yesterday’s arrest, we consider our part in the matter concluded,« says André Rogaczewski, CEO of Netcompany.
Throughout the process, Netcompany has closely cooperated with the relevant authorities, including the affected customer. Due to the ongoing investigation, Netcompany has only been able to inform the press and the public to a limited extent.
Netcompany communicated throughout with the customers mentioned in the leaked files.
The intention of the theft was assessed by our experts to include spreading rumours of an attack through media and IT professionals, making it even more important for Netcompany to counter misinformation and limit the spread of the files early in the process.