Catch up on stories from the past week (and beyond) at the Slashdot story archive

 


Forgot your password?
Close
typodupeerror
×
Security Privacy Technology

Bulgaria's Hacked Database Leaks To Hacking Forums (zdnet.com) 32

Posted by msmash from the privacy-woes dept.
The database of Bulgaria's National Revenue Agency (NRA), which was hacked over the weekend and sent to local reporters, is now being shared on hacking forums, ZDNet has learned from sources in the threat intelligence community. From a report: Download links to the hacked database have been shared by a hacked data trader known as Instakilla, believed to be operating out of Bulgaria. ZDNet obtained a copy of the database and verified its authenticity with local sources, and this is a copy of the same database sent to local media over the weekend. The database contains 57 folders, 10.7 GB in size, and holds personal and financial information consistent with what Bulgarian newspapers reported receiving over the weekend. This includes personally identifiable information, tax information, from both the NRA, and from other government agencies who shared their data.
This discussion has been archived. No new comments can be posted.

Bulgaria's Hacked Database Leaks To Hacking Forums More

Bulgaria's Hacked Database Leaks To Hacking Forums

Comments Filter:
  • I'm sure that it will be used to the benefit of mankind.

  • Age of Anything Goes and Nothing Matters (Score:3)

    by Seven Spirals ( 4924941 ) on Thursday July 18, 2019 @02:00PM (#58946834)
    Just like the OMB hack, this is a tremendous amount of personal data that will have some real impact on people's lives, especially when it comes to identity theft, but nobody will do shit. The only upside of this particular hack is that it might expose some rich egregious tax dodgers. Nothing every happens when governments lose a shitton of super-sensitive data. Location of nukes leaks? No problem! Names of everyone in the military, FBI, and CIA? No problem! Absolutely everyone's credit data? Why not! Unless you can pin it on one fat incel guy in his mom's basement, then we gotta move on and talk about Trump or something else to throw smoke in the air and prevent any real discussion or progress.

  • The comments of the minister of finances, (Score:4)

    by Mr. Dollar Ton ( 5495648 ) on Thursday July 18, 2019 @02:07PM (#58946858)

    who is the boss of the organizations that have leaked the data is as clueless as his IT staff.

    The other day someone sent me a comment he made when the leak became known: "I apologize to the affected by the hacker attack Bulgarian citizens and I assure them that their data is being well defended". The authorities also apparently arrested a guy who had nothing to do with the leak and pressured him to "confess".

    It seems there are some places in the world that are so backwards and corrupt that for them IT access is more trouble than advantage.

  • So, it's Bulgarian tax data and was uploaded by a hacker who is believed to also be Bulgarian. So take the uploaded data, compare it to the original data, and see if any people/information are missing. One would assume a hacker wouldn't want their own information included in data they are offering up for sale.

    • It is most likely a foreign actor. The hack was announced the next day after the government confirmed it's going to sign the deal to buy eight F-16 jets from the US ...
      Most of the data is old, but there are some records as recent as March/April this year.
      To me it looks like a warning shot.

  • "... a Bulgarian IT expert for releasing public details about how to exploit a vulnerability in a state-managed kindergarten web portal to harvest the GRAO details of all Bulgarians."

    This kind on information (GRAO : Department Civil Registration and Administrative Services) MUST BE TOTALLY DISCONNECTED FROM THE INTERNET ! Why on earth is this kind of information available on the "same network" as a public Web portal ?!

    • It doesn't matter how good your security protocols or practices are if the people who have to implement them are idiots.

  • "This includes personally identifiable information, tax information, from both the NRA, and from other government agencies who shared their data."

    Hmmm, NRA tax data from Russia? As George Takei would say, "Oh MY!"

    The NRA (the National Russian Alliance) is going to have some 'splainin to do by the time this is all over.

    When asked for a comment, Trump said, "I don't even know what street Russia is on!"

Slashdot Top Deals

To the systems programmer, users and applications serve only to provide a test load.

Close