Dutch hacker steals data from virtually entire population of Austria
A Dutch hacker has been arrested after reportedly stealing data belonging to 9 million Austrian citizens through a misconfigured cloud database.
The attack was initially discovered in May 2020 and concerned the Fees Info Service (GIS) – the organisation responsible for collecting TV and radio licence fees in the country.
It revealed at the time that it had suffered a data breach, with data previously stored by the GIS, belonging to Austrians, was discovered on a Dark Net marketplace.
The hacker, whose identity has yet to be revealed, was arrested in the Netherlands in November 2022, Austria’s Federal Criminal Police Office (Bundeskriminalamt/BK) revealed on 25 January, as reported by Die Presse.
The BK said the GIS had hired an unnamed IT company based in Vienna to restructure its internal databases. The databases contained information on citizen locations to help it track anyone attempting to avoid paying a broadcast fee.
An employee belonging to the company reportedly used the GIS data during a test and left a database online without securing it. Investigators said the hacker found the data through a search engine ‘that wasn’t Google’.
The data is thought to have affected nearly all Austrian citizens, as it has a population of around 9.1 million. The information included names, dates of birth, and registration addresses, said Klaus Mits, department head for the Cybercriminal Police Office in the BK.
The police were alerted by New Zealand authorities that an individual was trying to sell the data on hacker haven RaidForums using the name ‘DataBox’. Investigators then secretly bought the data for an amount of money they said was in four digits.
The culprit’s identity was then confirmed after a German server used by the hacker to store the downloaded data was seized and analysed. Investigators also found that the money for the data was exchanged in a cryptocurrency which the police said was easy to recognise.
Austrian police then contacted the Dutch authorities, and together they determined that the hacker had downloaded other information, in addition to the 9 million Austrian records, taken from around 130,000 databases.
The data wasn’t only from Austria – it included records on individuals from the Netherlands, the UK, China, Colombia, and Thailand. The hacker was also selling health data belonging to patients located in these other countries.
“The rapidly growing cyber crime will continue to be fought with all vehemence and new methods in the future,” said Gerhard Karner, interior minister at the Austrian government.
“This case shows how important and necessary investigations in cyber space are. Our investigators have the know-how and no perpetrator should be sure of being able to disappear into the anonymity of the internet.”
Ⓒ Future Publishing