Skip to main content

Bulgaria`s Tax Collection System Hacked, Over $22million Breached.


Hacker Stole Data of Over 70% Bulgarian Citizens from Tax Agency Servers.

Eastern European country Bulgaria has suffered the biggest data breach in its history that compromised personal and financial information of 5 million adult citizens out of its total population of 7 million people.
According to multiple sources in local Bulgarian media, an unknown hacker earlier this week emailed them download links to 11GB of stolen data which included taxpayer's personal identifiable numbers, addresses, and financial data.
In a brief statement released Monday, the National Revenue Agency (NRA) of Bulgaria said the stolen data originates from the country's tax reporting service.


The NRA also indicated that the Ministry of the Interior and the State Agency for National Security (SANS) have started taking an assessment of the potential vulnerability in NRA's systems that attackers might have exploited to breach into its databases.
It appears that until now, the hacker, who claimed to be a Russian man, has only released 57 out of a total of 110 compromised databases, which is about 21GB in total.
In a follow-up announcement, the NRA said almost 20 days ago, the attacker unauthorizedly accessed about 3 percent of the information contained in their databases.
"Currently, e-services for citizens and businesses are functioning normally, with the exception of the VAT refund service paid abroad, as well as by the revenue office. Unregulated access to sensitive information is limited," the NRA said.
As consequences of the incident, Bulgaria's NRA tax agency is now facing a fine of up to 20 million euros ($22.43 million) or 4% of the agency's annual turnover over the data breach, said Prof. Veselin Tselkov, a member of the Commission for Personal Data Protection.
Suspected "White Hat" Hacker Arrested
Bulgarian police have also arrested a 20-year-old "white-hat hacker" as the main suspect for the NRA data breach after authorities raided his home and office in the capital Sofia and seized his computers containing encrypted data, according to a local media.
The arrested suspect, Christian Boykov, is a cybersecurity expert who has been training officers of the GCDPC for fighting organized cybercrime.


Boykov was in the news two years ago, when he found a vulnerability in the website of the Ministry of Education and Science (MES) and contacted "Lords of the Air," a popular TV show to tell the story only after the ministry ignored his initial disclosure.
After that incident, Boikov was hired as an ethical hacker by the global cybersecurity company "TAD Group," and at the moment of arrest, he was an employee of the company, where his job responsibility was to pentest the systems in the state agencies and private companies for potential vulnerabilities.
Since the investigation is still ongoing, at this moment, it's not clear if he is behind the NRA data breach. However, the Sofia City Prosecutor's Office accused Boykov of unauthorized access to a computer system that is part of the critical infrastructure of the state.
His lawyers say there is no evidence against the boy, but if proven guilty, Boikov—who has no past criminal record—could face up to 8 years in prison.

Comments

Popular posts from this blog

We Bring You Brief Series of Sanctions Against Uganda Government Officials.

📸: Gen Abel Kandiho. On 9-December-2021, USA slapped sanctions against the then CMI Commander Gen Abel Kandiho. 📸: Gen Kale Kayihura. On 9-December-2022, UK slapped sanctions against former Police Boss Gen Kale Kayihura. 📸: Commissioner General of Prisons, Johnson Byabashaija. Again on this 4-December-2023, the same USA has slapped sanctions against Uganda Prisons Commander Johnson Byabashaija over alleged torture and human rights abuses in Prisons across Uganda. We ask, has USA and UK made December as an LCM to slap sanctions against high ranking government officials in Uganda even when the sanctions just remain on paper without deeper investigations to ascertain logical conclusions or remedy to that effect ?. #iip_updates  #Information_is_Power  #we_inform_the_uninformed

How to Host a Website for Free From Your PC or Laptop.

Why pay for a web hosting service when your old computer can do the same thing? Learn how to self-host your site. If you're planning to launch a website but don't want to pay recurring monthly or annual hosting fees, you can use any old laptop or desktop PC to host a website for free. It's a great way to utilize your old system instead of throwing it away. In this guide, we will install and set up services on our 10-year-old laptop to host a WordPress, Joomla, or custom HTML or PHP-based website with a free SSL certificate. MAKEUSEOF VIDEO OF THE DAY Things You Will Need to Host a Website Following are the pre-requisites to host a website for free from home with just your computer: An old laptop or PC running Ubuntu Server. A registered domain name for your website Ethernet cable to connect the laptop or PC to router for reliable and fast connection Step 1: Update and Upgrade the Packages After  installing Ubuntu Server on your computer , execute the following c...

WHERE IS MINISTER OF SEX SIMON LOKODO?. (He deserves a battle of soda from me! Ministe`r esalanga mabee. He is quick to run after Mrs Dr Stella Nyanzi and other Opposition elements. Government aza aza edo zuu vaa kpere bua). Anyway, below is the article! POLICE OFFICER AKOL ESTHER CHARGED OF BEING A PUBLIC NUISANCE Naughty Officer Officer who embarrassed police after leaking nude photo charged 13.03.2018 She serves in the 'Very Important Persons Protection Unit'  Akol Esther  (Courtesy) A female police officer whose nude photo surfaced on social media has been charged of being a public nuisance. Akol Esther serves in the Very Important Persons Protection Unit (VIPPU) of the police force. Kampala Metropolitan Police spokesperson Luke Owoyesigire says Akol Esther might be demoted or expelled from the police force if found guilty of circulating nude photos. Police court is yet to announce date when Akol Esther is expected to appear for a hearing. This comes at a time when Pornography Control Committee is taking tough measures against persons circulating pornography content. The committee warned and promised to arrest persons who will circulate pornographic content.

POLICE OFFICER AKOL ESTHER CHARGED OF BEING A PUBLIC NUISANCE Naughty Officer Officer who embarrassed police after leaking nude photo charged 13.03.2018 She serves in the 'Very Important Persons Protection Unit' Akol Esther  (Courtesy) A female police officer whose nude photo surfaced on social media has been charged of being a public nuisance. Akol Esther serves in the Very Important Persons Protection Unit (VIPPU) of the police force. Kampala Metropolitan Police spokesperson Luke Owoyesigire says  Akol Esther might be demoted or expelled from the police force if found guilty of circulating nude photos . Police court is yet to announce date when Akol Esther is expected to appear for a hearing. This comes at a time when Pornography Control Committee is taking tough measures against persons circulating pornography content. The committee warned and promised to arrest persons who will circulate pornographic content.