Eastern European country Bulgaria has suffered the biggest data breach in its history that compromised personal and financial information of 5 million adult citizens out of its total population of 7 million people.
According to multiple sources in local Bulgarian media, an unknown hacker earlier this week emailed them download links to 11GB of stolen data which included taxpayer’s personal identifiable numbers, addresses, and financial data.
In a brief statement released Monday, the National Revenue Agency (NRA) of Bulgaria said the stolen data originates from the country’s tax reporting service.
The NRA also indicated that the Ministry of the Interior and the State Agency for National Security (SANS) have started taking an assessment of the potential vulnerability in NRA’s systems that attackers might have exploited to breach into its databases.
It appears that until now, the hacker, who claimed to be a Russian man, has only released 57 out of a total of 110 compromised databases, which is about 21GB in total.
In a follow-up announcement, the NRA said almost 20 days ago, the attacker unauthorizedly accessed about 3 percent of the information contained in their databases.
“Currently, e-services for citizens and businesses are functioning normally, with the exception of the VAT refund service paid abroad, as well as by the revenue office. Unregulated access to sensitive information is limited,” the NRA said.
As consequences of the incident, Bulgaria’s NRA tax agency is now facing a fine of up to 20 million euros (nearly £18 million) or 4% of the agency’s annual turnover over the data breach, said Prof. Veselin Tselkov, a member of the Commission for Personal Data Protection.
Bulgarian police said they have also arrested a 20-year-old Bulgarian cybersecurity professional on Tuesday after authorities raided his home and office in the capital Sofia and seized his computers containing encrypted data, Reuters reports.
According to Yavor Kolev, head of the Bulgaria police’s cybersecurity unit, the arrested man allegedly tested security vulnerabilities in government-owned computer networks. Since the investigation is still ongoing, at this moment, it’s not clear if he is behind the NRA data breach.
Sofia city prosecutors said the arrested Bulgarian hacker had been charged with a computer crime and would be held for another three days.