- A hacker stole into Bulgaria’s tax agency and looted the personal data of every single working adult in the country.
- In June, the bank, salary, and social security details of five million Bulgarians were stolen from the country’s tax register, the National Revenue Agency (NRA).
- Last Wednesday police charged 20-year-old Kristian Boykov with hacking “critical infrastructure,” but downgraded the charge due to his young age on Thursday.
- Bulgaria’s prime minister Boyko Borissov has called Boykov a “wizard” and said his government need to hire hackers like Boykov with “unique brains.”
- Visit Business Insider’s homepage for more stories.
A hacker broke into Bulgaria’s largest tax database, and stole the financial details of every working adult in the country, before releasing them online.
In their search for the perpetrator, police arrested 20-year-old Kristian Boykov last Tuesday, charging him with committing a computer crime against critical infrastructure on Wednesday, Reuters reported.
Sofia City Prosecutor’s Office allege Boykov hacked the National Revenue Agency (NRA) database in June, taking the social security, bank, and salary information of five million taxpaying Bulgarians.
Police raided Boykov’s home in Sofia on Wednesday and seized computer devices containing encrypted data, Reuters reported.
Yavor Kolev, head of the police’s cybersecurity unit, said the evidence “suggests that the suspect is connected to the crime.”
Read more: 7 things you can hire a hacker to do and how much it will (generally) cost
Boykov’s initial charge, which could have seen him face a maximum of eight years in jail, was downgraded by the prosecutor’s office on Thursday due to a “lack of previous criminal record, his good character, and young age,” the Sofia News Agency reported.
He could now face three years in jail on one charge of committing a crime against an information system.
Boykov’s lawyer, Georgi Stefanov, told Reuters his client denies the charge.
The hack is the country’s biggest-ever data breach, and the government is fining the NRA €20 million ($22.4 million) over it.
Bulgarian blogger and political analyst Asen Genov told CNN: “We should all be angry … The information is now freely available to anyone.”
“Many, many people in Bulgaria already have this file, and I believe that it’s not only in Bulgaria.”
Read more: A security flaw found in WhatsApp and Telegram on Android lets hackers mess with your photos, payments, and voice notes
On July 17, Bulgaria’s Prime Minister Boyko Borissov called Boykov a “wizard,” and said the state needs to hire security technicians with “unique brains” like his.
The nature of the attack has led some cyber-security experts to label the perpetrator a “white hat hacker” — meaning he or she seeks to expose a weaknesses in government software to raise awareness.
NPR reported that Boykov had previously hacked the Bulgarian education ministry’s website in 2017 — just to expose its vulnerabilities. He told media he was “fulfilling my civic duty.”
Rossen Bachvarov, a NRA spokesman, told CNN: “As there is undergoing investigation, we couldn’t provide more details about reasons behind the hack.”
Join the conversation about this story »
NOW WATCH: A year after Armenia’s 250,000-person revolution, Prime Minister Nikol Pashinyan explains what comes next for the country