Andorran Transplant Group Warns of Email Hack and Fake Event Scam

The Andorran Association of Transplant Recipients and Donors (Atida) has warned its contacts about an unauthorized access to its institutional email account, info@atida.ad, following a cyber incident where an intruder sent fraudulent invitations to a fake event.

The messages, dispatched to various individuals linked to the group, promoted a nonexistent party organized by Atida and contained a QR code for recipients to scan. The association stressed it had no involvement in creating, approving, or distributing the emails, labeling them as impostor communications.

Potentially compromised data includes contact details such as email addresses, names, surnames, and other basic identifiers from the account's address book or linked databases, along with inferences about recipients' connections to Atida. Officials report no confirmed instances of the QR code leading to further actions or breaches, but the probe continues to gauge the incident's scope.

In response, Atida has suspended normal operations on the account, reset login credentials, and sought assistance from its IT service provider. The matter has been reported to Andorran police and the Andorran Data Protection Agency (APDA).

Recipients are advised to delete the emails immediately, refrain from scanning the code, responding, or providing personal details, and remain cautious of similar deceptive messages in the near term. Those who interacted with the content should review their accounts, update passwords, and reach out to Atida for guidance on enhanced protections. The group also urges skepticism toward any unsolicited requests for data, payments, or donations claiming to represent it, recommending preservation and forwarding of suspicious follow-ups for analysis.

Atida apologized for the inconvenience, appreciated recipients' patience, and pledged ongoing efforts to resolve the issue and bolster digital defenses.