Cyberattack on Cyprus Post: Government correspondence may have leaked to the dark web

A large-scale cyberattack is being investigated in Cyprus after files allegedly containing correspondence and internal documents of government departments linked to Cyprus Post appeared on the dark web.

According to Lenta Cyprus, unknown hackers gained unauthorized access to the Thalis system, which is used by the postal service to process correspondence, including official government mail. The archives published on the dark web reportedly contain inter-ministerial letters, internal directives, and technical tracking and registration data for postal shipments.

Cyprus Post temporarily suspended the Thalis system, stating that it was done “for security reasons and to verify a potential data breach.” In an official announcement, the service emphasized that cybersecurity experts have already begun an internal investigation. However, the authenticity of the leaked files has not yet been confirmed.

The Ministry of Transport and Communications of Cyprus, which oversees the postal department, also announced that it is cooperating with the police and the Department of Digital Technologies to assess the situation. According to ministry representatives, the priority is “to identify the source of the possible attack and prevent further risks to government communications.”

Information security experts note that if the authenticity of the published materials is confirmed, the leak could have serious consequences. It could affect confidential correspondence between ministries and diplomatic institutions, as well as compromise the protection of citizens’ personal data.

Cyprus investigative authorities are conducting a technical examination of servers and network infrastructure to determine whether the leak resulted from an external hack or internal error. The possibility of involvement by international cyber groups previously responsible for similar attacks on European government institutions is also being considered.

At present, authorities have urged all government bodies and private companies to strengthen cybersecurity measures, update passwords, and improve data protection systems. The official investigation results are expected in the coming days.