From . – 01.25.2023 17:46 (act. 01.25.2023 21:21)
Millions of Austrian registry data were stolen. ©Portal/Kacper Pempel (symbol image)
A hacker in the Netherlands stole nine million Austrian registration data and offered it for sale on the Internet. The data theft itself in the context of GIS became known more than two years ago, it may have gone to the account of a person arrested in the Netherlands, according to BK experts on Wednesday.
It was in May 2020 that the theft of data became known, and now it has also become clear: last November, a “very large fish” was arrested in the Netherlands, which was probably responsible for the theft, according to experts from the Federal Criminal Police Station. (BK), journalists reported on Wednesday.
GIS hired IT company to restructure database
The hacker obtained the data through a glitch at a Viennese IT company that GIS hired to restructure its database. Virtually all Austrian registration data was affected, namely names, dates of birth and registration addresses of all citizens, said Klaus Mits, department head of the Cybercriminal Police Office at BK. The GIS had this data and a second construction-related database to track any transmission rate evasion. They hired a renowned Viennese IT company to restructure these databases and handed over the data to the company. BK experts emphasized that this is a fairly common procedure.
The error must have happened to the subcontractor: an employee of the company may have used the real GIS registration data for a test, and this database was available on the Internet without access protection, according to estimates by BK specialists about a year ago. week. “The perpetrator found the data with a search engine,” said a BK investigator. Addendum: “Of course you can’t find the data via Google.”
Researchers bought data
BK received information about the New Zealand offer, which an initially unknown person had made under the pseudonym “DataBox” on the hacker forum “Raidforum.com”. The BK emphasized that there was therefore good cooperation with the New Zealand authorities. The investigators then bought – secretly – the data for an average value of four digits and thus managed to clarify the case.
In several rather extensive investigative steps – including securing a server in Germany from which the perpetrator downloaded data – the identity of the man, a 25-year-old Dutch citizen, was determined. Investigators also discovered the payment – data money was transferred in cryptocurrency. “Each Bitcoin transaction, for example, is openly recognizable. The trick is to get real people from this Internet data,” explained the BK expert.
Apparently, around 130,000 databases in the 25-year-old’s “portfolio”
The Federal Criminal Police Office contacted the Dutch authorities. The further clarification of the case took place in close cooperation and had a far greater impact than the sale of the Austrian registration data. Because the 25-year-old apparently had around 130,000 databases in his “portfolio”. In addition to Austria, data came from the Netherlands, Thailand, China, Colombia and Great Britain, among others. Apparently, he also offered patient data – from other mentioned nations – as the Dutch authorities announced in a broadcast on Wednesday.
Hacker known to the police
The hacker has been known to the international police for some time. He used to see himself as a “whitehead” – a hacker who penetrates the systems of organizations, institutions and companies without any enrichment intention to identify weaknesses. In that context, he probably fell out with much of the Dutch hacker scene a few years ago. According to BK experts, however, it can now be clearly attributed to “blackheads”, that is, those hackers who act criminally with the intention of getting rich. One side note: US authorities have closed down the hacker forum where the 25-year-old offered up the stolen databases.
Indeed, according to the investigators, the relevance of reporting data in the wrong hands should not be underestimated. After all, it was all data from the President of the Republic and the Federal Government downwards. For example, scam masterminds involving fake police officers may be interested in the data, as birthdays are also included. And so the fraudsters would have it in writing who is a little older and therefore possibly a valuable victim.
Interior Minister congratulated investigators
Interior Minister Gerhard Karner (ÖVP) and BK Director Andreas Holzer congratulated the investigators: “Fastly growing cybercrime will continue to be fought with all vehemence and new methods in the future,” said Karner. “This case shows how important and necessary investigations in cyberspace are. Our investigators have the know-how and no perpetrator should be sure they can disappear into the anonymity of the Internet,” Holzer emphasized.