Asen Genov is pretty furious. His personal data was made public this week after records of more than 5 million Bulgarians got stolen by hackers from the country’s tax revenue office.
“We should all be angry. … The information is now freely available to anyone. Many, many people in Bulgaria already have this file, and I believe that it’s not only in Bulgaria,” said Genov, a blogger and political analyst. He knows his data was compromised because, though he’s not an IT expert, he managed to find the stolen files online.
Already, download links claiming to offer around half the data from the hack of Bulgaria’s National Revenue Agency’s (NRA) databases have been shared on hacking forums.
The data was provided “Instakiller’, a trader in hacked data who is believed to operate out of Bulgaria and who has a reputation for sharing purloined data on shady forums.
That’s according to ZDNet, which has verified the authenticity of the shared database with local sources. It is the same database that was sent to local reporters last week – it’s 10.7GB in size, and contains 57 folders holding personal and financial information of individuals and businesses.
Meanwhile, the probe into Bulgaria’s National Revenue Agency (NRA) database hack has continued.
In a statement, NRA claimed that the attackers only accessed three per cent of the agency’s systems. Local media had earlier reported that data of about 70 per cent of the country’s population was compromised in the incident.
However, the attacker himself, in an email to local reporters, had suggested that the authorities in Bulgaria would seek to cover up the incident, rather than fix their flawed security.