Bulgarian IT Specialist Held Over Taxpayer Data Hack

A 20-year-old Bulgarian cybercrime specialist has been arrested over a hack and leak of a trove of taxpayer data, which authorities had initially suspected was a Russia-linked cyberattack, an official said Wednesday.

“The hack was carried out in Bulgaria, in Sofia, (allegedly) by a 20-year-old man,” anti-cybercrime unit head Yavor Kolev told bTV television.

The man, whose job it was to test large systems’ vulnerabilities to make sure they can withstand cyberattacks, was arrested at his workplace Tuesday.

His work and home were also searched, Kolev said, adding investigations were still going on, including into whether the man had any accomplices.

On Monday anonymous hackers sent several Bulgarian media outlets a link to tens of thousands of files with sensitive taxpayer information that they said came from a finance ministry server.

The email was sent from an address registered with the Russian internet provider Yandex, sparking speculation that the attack came from Russia.

Interior Minister Mladen Marinov linked it to Bulgaria’s recent decision to buy eight F-16 fighters from the US to replace its ageing fleet of Soviet MiG-29 aircraft.

But Kolev said Wednesday that the email’s claim had turned out to be unfounded — no link could be made between the email and the hack — and that more messages claiming responsibility could be expected.

According to local media, the leaked documents came from a government database and included personal identification numbers and income figures belonging to over one million people and legal entities.

The hackers claimed they had another 10 gigabytes of similar data and that in total there is information on as many as five million people.