RNCSD A.I CyberSecurity Scoring
RNCSD
Company Information
Website:https://dnsc.ro/
Employees number:123
Number of followers:29,755
NAICS:541514
Industry Type:Computer and Network Security
Homepage:dnsc.ro
RNCSD Risk Score (AI oriented)
Between 0 and 549
RNCSDComputer and Network Security
Updated:
29/03/2026
29/03/2026
547/1000
Critical
C
RNCSD Global Score (TPRM)
xxxx
RNCSDComputer and Network Security
Score locked

RNCSDCritical
Current Score
547C (CRITICAL)
01000
3 incidents
-103.5 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
562
JUNE 2026
559
MAY 2026
552
APRIL 2026
551
MARCH 2026
546
FEBRUARY 2026
628
JANUARY 2026
626
DECEMBER 2025
738
Ransomware
27 Dec 2025 • RNCSD
Oltenia Energy Complex, Administrația Națională Apele Române and Electrica Group: Romanian energy provider hit by Gentlemen ransomware attack
Ransomware Attack on Oltenia Energy Complex
623
CRITICAL-115
COMDIRHID1767023731
Romania’s Largest Coal Energy Provider Hit by Ransomware Attack
Romania’s largest coal-based energy producer, Oltenia Energy Complex (Complexul Energetic Oltenia), suffered a ransomware attack on December 26, disrupting its IT infrastructure. The state-owned company, which employs 19,000 people and supplies 30% of Romania’s electricity, reported that the incident encrypted files and temporarily disabled critical systems, including ERP platforms, document management tools, email services, and its website.
While the attack partially affected operations, the company confirmed that the National Energy System remained stable. IT teams immediately began restoring systems from backups, though the full impact—including potential data theft—is still under assessment. Authorities, including the National Cyber Security Directorate, Ministry of Energy, and DIICOT (Romania’s cybercrime investigation unit), were notified, and a criminal complaint was filed.
The attack has been attributed to the Gentlemen ransomware group, which emerged in August 2024 and is known for exploiting compromised credentials and exposed services. The gang typically leaves README-GENTLEMEN.txt ransom notes and appends the .7mtzhh extension to encrypted files. Though the group has listed nearly 40 victims on its leak site, Oltenia Energy Complex has not yet appeared, suggesting possible ransom negotiations.
This incident follows another recent attack on Romanian Waters (Administrația Națională Apele Române), the country’s water management authority, which disrupted 1,000 systems across 10 regional offices earlier in December—though core operations remained unaffected. Romania has faced a surge in ransomware attacks, including a 2023 breach of Electrica Group by the Lynx gang and a February 2024 Backmydata ransomware attack that forced over 100 hospitals offline.
INCIDENT DETAILS -
TYPE
MOTIVATION
IMPACT
DATA BREACH
REFERENCES
NOVEMBER 2025
738
Breach
12 Nov 2025 • RNCSD
Shinhan Card: Shinhan Card reports data breach involving 190,000 merchant records
Shinhan Card Personal Data Breach Involving Merchant Representatives
646
HIGH-92
SHI1766477260
Shinhan Card Reports Data Breach Affecting 190,000 Merchant Representatives
Shinhan Card disclosed a data breach involving approximately 192,088 records of merchant representatives, marking the latest in a series of recent leaks affecting major South Korean firms, including Coupang, KT, SK Telecom, and Lotte Card. The incident, reported to the Personal Information Protection Commission (PIPC) on Tuesday, was attributed to internal employee misconduct related to new card solicitation rather than external hacking.
The exposed data included:
- 181,585 records containing only mobile phone numbers
- 8,120 records with phone numbers and names
- 2,310 records with phone numbers, names, birth years, and gender
- 73 records with phone numbers, names, and full dates of birth
Shinhan Card confirmed that no highly sensitive information—such as resident registration numbers, card details, or bank accounts—was compromised. The breach was limited to merchant representatives, with no impact on individual cardholders. The company stated that the leak stemmed from isolated employee actions and posed no further dissemination risk.
The case came to light after a whistleblower submitted evidence to the PIPC, prompting an investigation. Shinhan Card began reviewing the allegations on November 13, verifying the breach through internal records. Following the findings, the company issued a public apology, notified affected merchants, and launched a webpage for individuals to check their exposure.
While Shinhan Card has taken measures equivalent to those for a data breach, further review is needed to classify the incident officially. The company pledged to strengthen protections to prevent future occurrences.
Security Investment Trends Lag Despite Rising Breaches
A recent survey by market tracker Leaders Index revealed that while major South Korean firms increased IT spending by 31.2% (from 16.5 trillion won in 2022 to 21.6 trillion won in 2024), information security investment grew only marginally in proportion—from 5.8% to 5.9% of total IT budgets. Security staffing saw a similar trend, with dedicated personnel rising 22.3% but remaining at just 6.7% of IT workforce share. Analysts noted that despite absolute increases, security priorities continue to trail broader technology spending.
INCIDENT DETAILS -
TYPE
MOTIVATION
IMPACT
DATA BREACH
REFERENCES
OCTOBER 2025
737
SEPTEMBER 2025
737
AUGUST 2025
736
MAY 2025
751
Cyber Attack
06 May 2025 • RNCSD
Romanian Government Websites
DDoS Attack on Romanian Government Websites
734
LOW-17
DIR522050725
Over the weekend, multiple Romanian government websites, including those of the Ministry of Foreign Affairs and the Constitutional Court, were subjected to distributed denial-of-service attacks orchestrated by the pro-Russian hacktivist group NoName057(16). The targeted sites experienced a sustained flood of traffic that rendered them inaccessible to legitimate users, disrupting access to official election information and public services during the crucial rerun of Romania's presidential election. The election rerun itself had been prompted by the nullification of the initial vote after evidence of Russian interference emerged. Despite the severity of the timing and the potential for undermining public trust in the electoral process, no data breach or information theft occurred. All impacted websites were swiftly restored to normal operations by the Romanian National Directorate for Cyber Security, minimizing long-term operational disruption. However, the incident caused temporary service outages, prevented citizens and international observers from obtaining timely updates, and highlighted the vulnerability of state infrastructure to geopolitically motivated cyber attacks. The example underscores the need for robust DDoS mitigation strategies to safeguard democratic processes and maintain continuity of critical online services. The rapid recovery also demonstrated the effectiveness of coordinated incident response efforts and the importance of continuous monitoring to detect and thwart DDoS threats before they can inflict more widespread disruptions.
INCIDENT DETAILS -
TYPE
MOTIVATION
IMPACT
REFERENCES
Frequently Asked Questions
?
What is the current A.I Rankiteo Cyber Score for RNCSD ??
What was RNCSD's A.I Rankiteo Cyber Score in June 2026 ??
What was RNCSD's A.I Rankiteo Cyber Score in May 2026 ??
What was RNCSD's A.I Rankiteo Cyber Score in April 2026 ??
What was RNCSD's A.I Rankiteo Cyber Score in March 2026 ??
What was RNCSD's A.I Rankiteo Cyber Score in February 2026 ??
What was RNCSD's A.I Rankiteo Cyber Score in January 2026 ??
What was RNCSD's A.I Rankiteo Cyber Score in December 2025 ??
What was RNCSD's A.I Rankiteo Cyber Score in November 2025 ??
What was RNCSD's A.I Rankiteo Cyber Score in October 2025 ??
What was RNCSD's A.I Rankiteo Cyber Score in September 2025 ??
What was RNCSD's A.I Rankiteo Cyber Score in August 2025 ??
What is the average per-incident point impact on RNCSD's A.I Rankiteo Cyber Score over the past 12 months ??
Where can I access detailed records of all cyber incidents associated with RNCSD ??
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ??
Where can I view RNCSD's profile page on Rankiteo ??
How accurate is the A.I Rankiteo Risk Scoring methodology ?