The attackers stole source code and code signing certificates. AnyDesk responded by revoking security certificates, replacing systems, and reassuring customers that it is safe to use the software.
Admins are advised to upgrade to the latest ALEOS version, change default SSL certificates, disable non-essential services, implement web application firewalls, and install an OT/IoT-aware IDS for enhanced protection against these vulnerabilities.
The exposed records included scanned identity documents, insurance inquiries, certificates of vehicle registration, and other sensitive data. The incident also exposed names and details of drivers, witnesses, and Garda officers.