News - 23.12.2024

Cyberattack on VR's Hosting Provider

VR has been informed of a cyberattack targeting Wise, the company that provides VR with data processing and hosting services. According to information from Wise, the company's security plan was activated as soon as the attack was detected, and measures are being implemented in accordance with the plan, including assistance from cybersecurity experts at Syndis. For further details, see the news update on Wise's website. VR has reported the incident to the Icelandic Data Protection Authority in accordance with legal requirements.

Wise is certified according to international security standards, and the services VR uses from Wise pertain to the union's financial systems. Wise hosts personally identifiable data for VR, primarily relating to bank transactions between VR and individuals, as well as payments from VR funds, including the VR Sick Pay Fund. Attackers may have accessed data from the past four years. The potentially affected data regarding VR members includes national ID numbers, banking details, and transaction amounts. However, no other personal information, such as health data of VR members, was involved.

VR will continue to monitor the situation and provide updates as new information becomes available.