Bulgarian tax agency breach may have compromised 5 million people

The country only has a population of 7 million.

Bulgaria's government is dealing with a massive security breach that might have affected almost all adult residents' information. According to Reuters, the country's finance minister has confirmed that hackers infiltrated the National Revenue Agency's (NRA) network at the end of June, and one of the tax agency's officials said the attack likely originated from outside the country. A person claiming to be a Russian hacker told the Bulgarian media that their group was responsible for the attack in an email sent via a Russian address.

The email's author said they infiltrated 110 databases that contain sensitive data, including "critically confidential" information. They also claimed that their attack affected 5 million Bulgarian citizens, foreign citizens and companies -- an enormous number for a country with a population of 7 million. In an announcement posted on its website on July 15th, the NRA said that local media received an email with a download link for files allegedly belonging to the Bulgarian Ministry of Finance.

The self-proclaimed hackers also told the media in the email that the initial leak only contains 11GB of data, and that they have 10GB more in their hands. Bulgarian newspaper 24 Chasa, Reuters said, reported that one emailed file contained over 1.1 million personal ID numbers with people's income and healthcare information, as well as social security numbers. Further, some of the records dated back to 2007.

Bulgarian Finance Minister Vladislav Goranov said, however, that while millions of records were involved, the leaked information wasn't classified and didn't endanger financial stability.

The attackers' motives and point of entry aren't entirely clear at this point. "The state of your cybersecurity is a parody," the hackers reportedly wrote in the email, indicating that they wanted to highlight the NRA's lack of strong cybersecurity measures. Officials also believe that they might have gained access to the agency's database by exploiting a weakness connected to filing tax returns from outside the country.