July 17, 2019 at
Hacking attacks targeting private information
of large quantities of people are among the most common ones today. The most
recent large-scale attack was recently reported in Bulgaria, where the
attackers managed to get hold of millions of taxpayers’ financial data. The
country’s financial minister even publicly apologized to the affected taxpayers
on Tuesday, July 16th.
The attack was one of the largest ones that Bulgaria has ever seen, if not the largest one. One researcher even pointed out that the size of the attack may easily indicate that nearly every adult’s personal records in the country were compromised.
The breach itself happened several weeks ago,
in the last days of June, when hackers targeted servers at the NRA — Bulgaria’s
tax agency. So far, researchers believe that it is likely that the attackers
conducted it cross-border, meaning that they were located abroad. It was
already confirmed that the attack had been successful after an individual
claiming to be a Russian hacker sent the stolen data to the local media via
email this Monday.
However, the attacker(s) did not specify why
they conducted the attack, and whether they had a specific goal in mind, or if
it was simply another case of gathering as much data as possible. This does not
seem to be the case, however, as the person who sent the email spoke at length
about the corruption in the government. They also said that hackers managed to
compromise over 110 databases.
Further, they pointed out that some of the
databases were ‘critically confidential,’ and that they include information
from some of the key administrators. Even some of this information was offered
to journalists as part of the sample that hackers have provided.
Finance minister says that
Bulgaria’s financial stability is not compromised
The country’s finance minister, Vladislav Goranov, stated in his announcement that around 3% of the total database of the agency was compromised. Of course, this still means that millions of records were compromised. Population-wise, Bulgaria is not a particularly large country, having only around seven million citizens. Even so, the size of the stolen database could easily mean that everyone with financial records was affected. But, Goranov pointed out that none of the leaked information was classified, and that there is no danger of it compromising the country’s financial stability.
As mentioned, he apologized to the country’s
citizens for the attack before departing on the parliament’s summons, where he
proceeded to provide an explanation of what happened. He also added that those
who try to exploit the data in any way would be held accountable by Bulgarian
law. Even so, the quick analysis of the publicly released files did not allow
analysts to actually draw any conclusions regarding the financial situation of
the country, or even any of the affected citizens.
As for the hacker’s claims that they are
Russian, this is currently an unconfirmed claim. Russian authorities did not
comment on the incident as of yet. While the country is suspected of having
taken part in multiple cyberattacks against foreign governments, they
consistently denied any such accusations, so it is unlikely that this time will
be any different.
Bulgaria is the EU’s most corrupt
country, claims anti-graft group
As mentioned, the attack itself was huge, as
confirmed by a cyber security researcher, and Bulgarian Academy of Sciences
assistant professor, Vesselin Bontchev. He also said that this is the first
major publicly-known data breach in Bulgaria’s history. He also assumed that
the country’s entire population is likely affected.
The email that the hackers sent mentioned that around five million of local and foreign citizens were affected, as well as companies. Meanwhile, the local media speculated about the motives behind the attack and has mostly criticized the NRA’s lack of proper security protocols, instead of focusing on the hackers’ motivation or attempts to exterminate corruption in the country.
However, even a local anti-graft website
owner, Atanas Chobanov, stated that this is a dangerous situation which might
have grave consequences for many different types of people. Another anti-graft
group, known as Transparency International, openly stated that Bulgaria is the
EU’s most corrupt member.
Additionally, it would appear that the flaws in the country’s data procession systems were already known for quite some time. Bulgaria’s leading business organization, known as BIA, allegedly warned the government of it over a year ago. So far, it is suspected that hackers might have exploited a weakness in the system used for filing tax returns from outside the country. Bulgarian local media outlets already published all kinds of different reports on the matter, with one claiming that the emailed sample had over 1.1 million personal information, including ID numbers, income, healthcare figures, and security details. Another publisher stated that some of the records date all the way back to 2017.