Political analyst and blogger, Asen Genov, was enraged when his personal data was exposed to the public this week. The tax revenue office got hit by hackers where over 5 million Bulgarians’ records were compromised.
With a population of roughly 7 million people, the proportion of the attack means that a little more than 70 percent of the country has been impacted.
“We should all be angry. The information is now freely available to anyone. Many, many people in Bulgaria already have this file, and I believe that it’s not only in Bulgaria,” said Genov. Although Genov isn’t an IT specialist, there is no doubt of data infringement because he was able to find his stolen information online.
The scale of the attack was large but not unusual. Government databases are hot targets for hackers, especially blackhats. A lot of the personal data that was taken is unlikely to change over the next couple of decades.
“You can make (your passwords) longer and more sophisticated, but the information the government holds are things that are not going to change,” says information security expert and the chief technology officer at Clearswift, Guy Bunker. “Your date of birth is not going to change, you’re not going to move house tomorrow”.
Data attacks were once acts that were carried out only by talented hackers, but these days just about anyone with the right knowledge can get basic hacking tools to perform an attack.
Governments are not unfamiliar with the idea that they need to upgrade their cybersecurity. The United States Department of Veterans Affairs was victim to one of the first serious infringements in 2006, when personal information of over 26 million veterans was jeopardized.
“And it was all, ‘Oh, this is dreadful. We must do things to stop it.’ And here we are, 13 years later, and an entire country’s data has been compromised, and in between, there’s been incidents of large swathes of citizen data being compromised in different countries,” says Bunker.