Breach in the Road Agency application - hackers claim in an email to NOVA NEWS that they have obtained the profiles of over 100 thousand users and a thousand employees. RIA denies hacking and leakage of personal data, but an inspection shows otherwise.
LIMA is the official website of the "Road Infrastructure" Agency, which provides up-to-date information about the state of the republican road network. The hackers claim to have obtained personal data of RIA users and employees - public profiles, names, phone numbers, email addresses, as well as data about their vehicles.
In a statement, the Road Agency stated that no hacking of the LIMA system was detected, since the mobile application has not been functioning for more than 5 years and is no longer available. When it was available, the data that was entered was voluntary and not personal, RIA also claims. The LIMA system is currently accessible only through a browser, without registration or entering any data.
Cyber expert Khristian Daskalov explained that there is a purchase of old "information leaks".
"Such cases are exploited after purchase via the dark web. Usually, it involves a large amount of personal data. In more niche cases, information is generated with artificial intelligence, millions of personal identification numbers and Bulgarian names can be created, for example, in a matter of minutes. The Personal Data Protection Commission must investigate the case. If it is not a "leak" of sensitive data, there is an increase in phishing attacks, specifically against RIA employees. For $10, data of ordinary citizens is purchased to be used for spam advertising messages," he said.
The Chairman of the CPDP Ventsislav Karadzhov pointed out that personal data is divided into ordinary (three names, phone number, address) and additionally sensitive (biometric) - they have an increased level of protection. "All data administrators must report within three days of learning about a breach in their systems," he revealed.