Posted on July 17, 2019 at 11:01 AM
Millions of Bulgarian Taxpayers Lose Financial Data to Hackers in a New Attack
Hacking attacks targeting private information of large quantities of people are among the most common ones today. The most recent large-scale attack was recently reported in Bulgaria, where the attackers managed to get hold of millions of taxpayers’ financial data. The country’s financial minister even publicly apologized to the affected taxpayers on Tuesday, July 16th.
The attack was one of the largest ones that Bulgaria has ever seen, if not the largest one. One researcher even pointed out that the size of the attack may easily indicate that nearly every adult’s personal records in the country were compromised.
The breach itself happened several weeks ago, in the last days of June, when hackers targeted servers at the NRA — Bulgaria’s tax agency. So far, researchers believe that it is likely that the attackers conducted it cross-border, meaning that they were located abroad. It was already confirmed that the attack had been successful after an individual claiming to be a Russian hacker sent the stolen data to the local media via email this Monday.
However, the attacker(s) did not specify why they conducted the attack, and whether they had a specific goal in mind, or if it was simply another case of gathering as much data as possible. This does not seem to be the case, however, as the person who sent the email spoke at length about the corruption in the government. They also said that hackers managed to compromise over 110 databases.
Further, they pointed out that some of the databases were ‘critically confidential,’ and that they include information from some of the key administrators. Even some of this information was offered to journalists as part of the sample that hackers have provided.
Finance minister says that Bulgaria’s financial stability is not compromised
The country’s finance minister, Vladislav Goranov, stated in his announcement that around 3% of the total database of the agency was compromised. Of course, this still means that millions of records were compromised. Population-wise, Bulgaria is not a particularly large country, having only around seven million citizens. Even so, the size of the stolen database could easily mean that everyone with financial records was affected. But, Goranov pointed out that none of the leaked information was classified, and that there is no danger of it compromising the country’s financial stability.
As mentioned, he apologized to the country’s citizens for the attack before departing on the parliament’s summons, where he proceeded to provide an explanation of what happened. He also added that those who try to exploit the data in any way would be held accountable by Bulgarian law. Even so, the quick analysis of the publicly released files did not allow analysts to actually draw any conclusions regarding the financial situation of the country, or even any of the affected citizens.
As for the hacker’s claims that they are Russian, this is currently an unconfirmed claim. Russian authorities did not comment on the incident as of yet. While the country is suspected of having taken part in multiple cyberattacks against foreign governments, they consistently denied any such accusations, so it is unlikely that this time will be any different.
Bulgaria is the EU’s most corrupt country, claims anti-graft group
As mentioned, the attack itself was huge, as confirmed by a cyber security researcher, and Bulgarian Academy of Sciences assistant professor, Vesselin Bontchev. He also said that this is the first major publicly-known data breach in Bulgaria’s history. He also assumed that the country’s entire population is likely affected.
The email that the hackers sent mentioned that around five million of local and foreign citizens were affected, as well as companies. Meanwhile, the local media speculated about the motives behind the attack and has mostly criticized the NRA’s lack of proper security protocols, instead of focusing on the hackers’ motivation or attempts to exterminate corruption in the country.
However, even a local anti-graft website owner, Atanas Chobanov, stated that this is a dangerous situation which might have grave consequences for many different types of people. Another anti-graft group, known as Transparency International, openly stated that Bulgaria is the EU’s most corrupt member.
Additionally, it would appear that the flaws in the country’s data procession systems were already known for quite some time. Bulgaria’s leading business organization, known as BIA, allegedly warned the government of it over a year ago. So far, it is suspected that hackers might have exploited a weakness in the system used for filing tax returns from outside the country. Bulgarian local media outlets already published all kinds of different reports on the matter, with one claiming that the emailed sample had over 1.1 million personal information, including ID numbers, income, healthcare figures, and security details. Another publisher stated that some of the records date all the way back to 2017.
