A 20-year-old cybersecurity worker has been arrested in Bulgaria and charged with hacking the personal and financial records of millions of taxpayers in the country’s biggest ever data breach.
Bulgaria’s NRA tax agency is facing a fine of up to €20m over the hack, which was revealed this week and is thought to have compromised the records of nearly every working adult among the country’s population of 7 million.
Experts who have examined the stolen data said the techniques used in the attack were relatively basic and spoke of a lack of adequate data protection measures more than the hacker’s ability.
Yavor Kolev, head of the police’s cybersecurity unit, said the male suspect was arrested on Tuesday afternoon. Officers raided his home and office in the capital, Sofia, and seized computer devices containing encrypted data.
The investigation into the hack was still at an early stage, he added, and police were looking into the possibility that other people were involved.
Sofia city prosecutors said the man had been charged with a computer crime, would be held for another three days and faced up to eight years in jail if found guilty.
Via The Guardian