[BreachExchange] Man Accused Of Hacking Bulgaria's Tax Agency Is Released And Given Lesser Charges

Destry Winant destry at riskbasedsecurity.com
Mon Jul 22 09:36:26 EDT 2019


https://www.npr.org/2019/07/21/743912780/man-accused-of-hacking-bulgarias-tax-agency-is-released-and-given-lesser-charges

A cybersecurity expert accused of hacking the data of more than 5
million Bulgarian taxpayers was released by police Wednesday after his
charges were downgraded.

Kristian Boykov, a 20-year-old Bulgarian cybersecurity worker, was
arrested in Bulgaria's capital Sofia last week in connection to the
breach. Police raided his home and seized computers and mobile devices
with encrypted information. The hacker was found by police through the
computer and software used in the attack, according to the Sofia
prosecutor's office.

Due to his work, which involves testing computer networks for
potential vulnerabilities, some believe Boykov is a "white hat hacker"
— a hacker that breaks into computer networks to expose
vulnerabilities and push for the weaknesses to be fixed.

He has made news in Bulgaria before. In 2017, he hacked the Bulgarian
education ministry's website to expose its vulnerabilities. In a
television interview, he described the work as "fulfilling my civic
duty."

Sofia prosecutors claim they tracked one of the stolen files from the
latest data breach to a username used by Boykov. Boykov and his lawyer
reject the allegations against him and say he was not involved in the
incident.

The hack of the nation's tax agency database is believed to be the
largest data breach in Bulgaria's history. Nearly every working adult
in Bulgaria was impacted. In a country of 7 million, more than 5
million people had personal data such as social security information,
addresses, incomes and names leaked and made easily accessible on the
Internet.

Boykov was initially charged with a computer crime against critical
infrastructure, with a maximum sentence of eight years in jail. Those
charges were dropped and he was given a lesser charge of crime against
information systems, which has a maximum jail sentence of three years.

The initial hack is believed to have happened in June. The breach
remained undetected until an email from a Russian email address was
sent to Bulgarian news outlets last week claiming responsibility for
the attack. In the email, the sender claimed to be a Russian hacker,
gave downloadable links to the stolen information and mocked
Bulgaria's cybersecurity efforts.

Police are still in the early stages of the investigation. If Boykov
was in fact involved, it is unknown whether he worked alone or as part
of a larger group, but police are looking at outside involvement as a
possibility.

According to The New York Times, some Bulgarian officials have
suggested that Russia may have been behind the attack as retaliation
for the country's purchase of American-made fighter jets.

Last year a data protection law was implemented across the European
Union that fines companies that mismanage their data. Bulgaria's tax
agency is facing a fine of up to 20 million euros, or $22.4 million,
for the data breach.

Experts who examined the stolen data in Bulgaria said the hack wasn't
a complicated operation, and that lack of preventative action from the
government is to blame. Out-of-date computer systems are especially
vulnerable to a breach. Less than a year ago, the country's Commercial
Registry got taken down by another cyberattack.

Prime Minister Boyko Borisov said in a government meeting on Wednesday
that Boykov is a "wizard" hacker and that the country should hire
similar people to work for the state.


More information about the BreachExchange mailing list