Chinese state-affiliated hacker group prime suspect in cyberattack against Austrian internet provider
A1 Telekom, Austria’s largest internet service provider, was hacked in November 2019. In December, A1’s cybersecurity team noticed the intrusion, but it wasn’t until May 22, 2020 that they were able to remove the malware and boot the hackers from the system. The delay came from the team’s maneuvers to avoid alerting the hackers to A1’s awareness of their presence in the system, and from several unfortunate postponements caused by the coronavirus pandemic. The main suspect for this attack is the PLA hacking group called Gallium. The fact that the attackers did not use ransomware or encrypt any data points to a state-controlled group. Gallium also targeted many telecom companies in 2018 and 2019 to steal their data, and the attack pattern on A1 fit the group’s usual modus operandi. However, there was no official attribution of the attack on A1 Telekom.

About This Incident

Threat Actors: China

Incident Metadata

Date: November 2019 - 22 May 2020
Country: Austria