Germany’s prison system could be in serious trouble due to the carelessness of one of its employees. According to a recent report, a prison employee accidentally sent the institution’s security keys to a WhatsApp group, which could compromise the security of this facility.
Apparently, the intern took a picture and sent it to his friends’ chat group. What the employee was unaware of is that the photo could see the most important security key of the facility, used to block all cells and corridors in the prison.
As a security measure, the prison administration had to change the 600 electronic locks at the facility, which cost tens of thousands of Euros. Management also had to disrupt some activities, including visits to inmates.
Local media reports that the employee, whose name was not revealed, was just trying to share with his friends and family something about his new work environment, ruling out that he had malicious intentions. The main risk of this incident, mentioned by cybersecurity experts, is that any hacker could replicate these keys to unlock the cells of any of the 657 prisoners in this facility.
Although it is not known how this information reached the prison administration, steps were taken almost immediately to prevent any undesired incidents: “We had to change all the locks and even some doors; this was not an economic effort, as we also had to hire 20 new members of the security team and properly destroy outdated security devices and keys,” says local government spokesman Sevastian Brux. The authorities did not mention an exact figure, but local media estimates that around 50 thousand Euros would have been invested to complete these changes.
Needless to mention, the intern was removed from his charge as a result of this oversight, and spokesman Brux confirmed that the authorities are considering the individual to assume the costs of this incident. To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) website.
He is a cyber security and malware researcher. He studied Computer Science and started working as a cyber security analyst in 2006. He is actively working as an cyber security investigator. He also worked for different security companies. His everyday job includes researching about new cyber security incidents. Also he has deep level of knowledge in enterprise security implementation.