Summary:Shocking Cyber Attack Hits Romania’s Land Registry, Exposing Citizens’ Data **Introduction** On Tu
referrerpolicy="no-referrer"
style="max-width:100%;height:auto;display:block;margin:0 auto;">
Shocking Cyber Attack Hits Romania’s Land Registry, Exposing Citizens’ Data
**Introduction**
On Tuesday, July 14, Romania’s National Agency for Cadastre and Land Registration (ANCPI) announced that its e‑Terra platform— the digital gateway for property records, cadastral maps and land‑title transactions—had gone offline. Initially labeled a “major technical incident,” the outage quickly revealed itself as a coordinated cyber intrusion that compromised the personal data of thousands of citizens. The breach has sparked alarm across government circles and raised urgent questions about the resilience of critical public‑sector IT infrastructure.
**Key Developments**
ANCPI’s statement confirmed that unauthorized actors gained access to the e‑Terra database, extracting names, national identification numbers, property addresses and transaction histories. The agency shut down the service within hours to contain the leak and enlisted the National Cybersecurity Directorate (DNSC) to conduct a forensic investigation. Preliminary findings point to a ransomware variant that exploited an unpatched vulnerability in a third‑party payment module integrated into the portal. While ANCPI insists that no financial data were altered, the exposed personal information could be used for identity theft, fraudulent property transfers or targeted phishing campaigns.
**Industry Analysis**
The incident underscores a growing trend: land‑registry systems, once considered low‑profile targets, are now attractive to cybercriminals seeking high‑value personal data. Unlike financial institutions, many cadastral platforms operate on legacy architectures with limited segmentation, making lateral movement easier once a foothold is secured. Experts note that the attack mirrors recent breaches in Estonia and Latvia, where similar e‑government portals were compromised via outdated software components. The Romanian case highlights the need for regular