The data of 5 million Bulgarians has been compromised after a major cyberattack on the National Revenue Agency (NRA), the country’s tax reporting service.
According to Capital, a weekly newspaper in Bulgaria, 57 folders were sent to the country’s media on Monday. That information contained over a million rows of PINs, names, addresses, and earnings, including that of several Capital journalists and Bulgaria’s finance minister.
There’s also a folder containing a list of hundreds of thousands of faces, which Capital believes are registered users of online betting sites because these faces are linked to player IDs and specific IP addresses.
In Parliament, the finance minister said anyone attempting to exploit the data “would fall under the impact of Bulgarian law,” the BBC reports.
While some of the data is over a decade old, some files contain entries made in June, which suggests the hack took place recently. An anonymous email accompanying the data, however, said it’s not the full extent of the hack; apparently, only 11GB of 21GBs of information was sent to the media.
The email comes from a Yandex account, the Russian email provider, according to Reuters. Interior Minister Mladen Marinov tells Reuters that the attack was likely motivated by the fact that Bulgaria recently purchased Lockheed Martin F-16 fighters, replacing aging Soviet planes.
In a statement made the next day, the NRA said its investigation showed “unauthorized access to about 3 percent of the information contained in the NRA’s databases … carried out almost 20 days ago,” and that the NRA had restricted unregulated access to sensitive information.
In an interview with the BBC, cyber-security researcher Vesselin Bontchev, assistant professor at the Bulgarian Academy of Sciences, said it’s “safe to say that the personal data of practically the whole Bulgarian adult population has been compromised.”