Skip to main content

Bulgaria`s Tax Collection System Hacked, Over $22million Breached.

By Editor

Hacker Stole Data of Over 70% Bulgarian Citizens from Tax Agency Servers.

Eastern European country Bulgaria has suffered the biggest data breach in its history that compromised personal and financial information of 5 million adult citizens out of its total population of 7 million people.
According to multiple sources in local Bulgarian media, an unknown hacker earlier this week emailed them download links to 11GB of stolen data which included taxpayer's personal identifiable numbers, addresses, and financial data.
In a brief statement released Monday, the National Revenue Agency (NRA) of Bulgaria said the stolen data originates from the country's tax reporting service.


The NRA also indicated that the Ministry of the Interior and the State Agency for National Security (SANS) have started taking an assessment of the potential vulnerability in NRA's systems that attackers might have exploited to breach into its databases.
It appears that until now, the hacker, who claimed to be a Russian man, has only released 57 out of a total of 110 compromised databases, which is about 21GB in total.
In a follow-up announcement, the NRA said almost 20 days ago, the attacker unauthorizedly accessed about 3 percent of the information contained in their databases.
"Currently, e-services for citizens and businesses are functioning normally, with the exception of the VAT refund service paid abroad, as well as by the revenue office. Unregulated access to sensitive information is limited," the NRA said.
As consequences of the incident, Bulgaria's NRA tax agency is now facing a fine of up to 20 million euros ($22.43 million) or 4% of the agency's annual turnover over the data breach, said Prof. Veselin Tselkov, a member of the Commission for Personal Data Protection.
Suspected "White Hat" Hacker Arrested
Bulgarian police have also arrested a 20-year-old "white-hat hacker" as the main suspect for the NRA data breach after authorities raided his home and office in the capital Sofia and seized his computers containing encrypted data, according to a local media.
The arrested suspect, Christian Boykov, is a cybersecurity expert who has been training officers of the GCDPC for fighting organized cybercrime.


Boykov was in the news two years ago, when he found a vulnerability in the website of the Ministry of Education and Science (MES) and contacted "Lords of the Air," a popular TV show to tell the story only after the ministry ignored his initial disclosure.
After that incident, Boikov was hired as an ethical hacker by the global cybersecurity company "TAD Group," and at the moment of arrest, he was an employee of the company, where his job responsibility was to pentest the systems in the state agencies and private companies for potential vulnerabilities.
Since the investigation is still ongoing, at this moment, it's not clear if he is behind the NRA data breach. However, the Sofia City Prosecutor's Office accused Boykov of unauthorized access to a computer system that is part of the critical infrastructure of the state.
His lawyers say there is no evidence against the boy, but if proven guilty, Boikov—who has no past criminal record—could face up to 8 years in prison.

Comments

Post a Comment

Popular posts from this blog

We Bring You Brief Series of Sanctions Against Uganda Government Officials.

By Editor
📸: Gen Abel Kandiho. On 9-December-2021, USA slapped sanctions against the then CMI Commander Gen Abel Kandiho. 📸: Gen Kale Kayihura. On 9-December-2022, UK slapped sanctions against former Police Boss Gen Kale Kayihura. 📸: Commissioner General of Prisons, Johnson Byabashaija. Again on this 4-December-2023, the same USA has slapped sanctions against Uganda Prisons Commander Johnson Byabashaija over alleged torture and human rights abuses in Prisons across Uganda. We ask, has USA and UK made December as an LCM to slap sanctions against high ranking government officials in Uganda even when the sanctions just remain on paper without deeper investigations to ascertain logical conclusions or remedy to that effect ?. #iip_updates  #Information_is_Power  #we_inform_the_uninformed
Post a Comment
Read more

WHERE IS MINISTER OF SEX SIMON LOKODO?. (He deserves a battle of soda from me! Ministe`r esalanga mabee. He is quick to run after Mrs Dr Stella Nyanzi and other Opposition elements. Government aza aza edo zuu vaa kpere bua). Anyway, below is the article! POLICE OFFICER AKOL ESTHER CHARGED OF BEING A PUBLIC NUISANCE Naughty Officer Officer who embarrassed police after leaking nude photo charged 13.03.2018 She serves in the 'Very Important Persons Protection Unit'  Akol Esther  (Courtesy) A female police officer whose nude photo surfaced on social media has been charged of being a public nuisance. Akol Esther serves in the Very Important Persons Protection Unit (VIPPU) of the police force. Kampala Metropolitan Police spokesperson Luke Owoyesigire says Akol Esther might be demoted or expelled from the police force if found guilty of circulating nude photos. Police court is yet to announce date when Akol Esther is expected to appear for a hearing. This comes at a time when Pornography Control Committee is taking tough measures against persons circulating pornography content. The committee warned and promised to arrest persons who will circulate pornographic content.

By Editor
POLICE OFFICER AKOL ESTHER CHARGED OF BEING A PUBLIC NUISANCE Naughty Officer Officer who embarrassed police after leaking nude photo charged 13.03.2018 She serves in the 'Very Important Persons Protection Unit' Akol Esther  (Courtesy) A female police officer whose nude photo surfaced on social media has been charged of being a public nuisance. Akol Esther serves in the Very Important Persons Protection Unit (VIPPU) of the police force. Kampala Metropolitan Police spokesperson Luke Owoyesigire says  Akol Esther might be demoted or expelled from the police force if found guilty of circulating nude photos . Police court is yet to announce date when Akol Esther is expected to appear for a hearing. This comes at a time when Pornography Control Committee is taking tough measures against persons circulating pornography content. The committee warned and promised to arrest persons who will circulate pornographic content.
Post a Comment
Read more

An autistic man was surfing the internet on his dad’s sofa. Then the FBI turned up to Arrest Him.

By Editor
By Stephanie Clifford. I f you read Brandon Fleury a story when he was three, he’d recite it back to you word for word. His father Patrick, then a professional tennis coach, was both bemused and impressed by his physically awkward son. He would tell people about Brandon’s capacity for mimicry – eventually he found himself explaining it to a jury. Brandon had a tough childhood. One night when he was five and lying in bed with his mother, she had a pulmonary embolism and died. Fleury became a full-time single dad to Brandon and his younger brother. Brandon had always needed extra attention, but after his wife died  Fleury began to pick up on more unusual elements of his son’s behaviour . A girl from the neighbourhood would pull him around in a wagon “like he was a puppy”; Brandon seemed uneasy with it yet unable to articulate his discomfort. At their home in Santa Ana, California, he would repeat phrases and questions over and over again, or open and shut doors repeatedly. So
Post a Comment
Read more