Dutch firms used password manager with hidden Russian roots

See more DutchNews articles in your Google search results
See more DutchNews articles in your Google search results
Add as a favourite source on Google Add DutchNews as a favourite source on GoogleA password manager used by several Dutch organisations concealed its Russian origins, according to an investigation by OCCRP, the international journalists’ collective, with Dutch partners Investico, De Groene Amsterdammer and NU.nl.
Passwork, which lets employees store company passwords in a digital vault, presents itself as a European firm based in Spain.
In reality, the researchers say, the software was developed in Russia in 2014, and a Russian sister company is certified by the FSB security service – a process requiring source code to be reviewed by state-approved auditors.
Novar, one of the largest builders of solar parks in the Netherlands, stopped using the software within a day of being informed by Investico and reported the matter to the National Cyber Security Centre. Regional broadcaster RTV Noord said it would carry on using it.
The journalists found no evidence that passwords were stolen or data compromised. Passwork’s chief executive denied any relationship with the Russian firm, saying the products merely share a common codebase origin.
Thank you for donating to DutchNews.nl.
We could not provide the Dutch News service, and keep it free of charge, without the generous support of our readers. Your donations allow us to report on issues you tell us matter, and provide you with a summary of the most important Dutch news each day.
Make a donation