Personal data including names, dates of birth, and addresses of nearly the entire population of Austria was up for sale on the dark web, after a Dutch criminal allegedly breached the nation’s administrator for television and radio licenses (GIS).
The breach, said to have affected about 9.1 million Austrians, or almost the entire nation, allegedly occurred after a GIS subcontractor failed to secure a customer database during a routine test.
"The perpetrator found the data with a search engine," investigators said. “Of course, you can't find the data via Google."
Although the attack was discovered nearly two years ago, the culprit was arrested in November of 2022, according to Austria's Federal Criminal Police Office. A 25-year-old male was apprehended from an apartment in Amsterdam, and investigators say that they were also able to seize a good amount of cryptocurrency believed to have come from the peddled data.
Police also seized a German server used by the alleged attacker to store and download the exfiltrated data which also included sensitive information from about 130,000 databases, including info on individuals (even patient data) from the Netherlands, China, Colombia, Thailand and the UK.
This behemoth of a breach could lead to repeated targeting of Austrians by cybercriminals, who may attempt to defraud and impersonate them using their information. The attackers could also strengthen their efforts to financially compromise victims by pairing the stolen information with additional data that can be found online – either from social media accounts or from other data breaches and leaks, offered for free on the dark web.
Exposed digital health records or medical data may also fuel blackmail, identity theft and fraud, inflicting tremendous financial losses and emotional harm on victims.
Personal data, no matter how insignificant it may seem, can be misused by digital miscreants to harm you. In the data breach pandemic, it has become vital for digital citizens to adopt robust security and begin proactively defending their online identities against abuse and fraud.
Take ownership of the digital you, with Bitdefender Digital Identity Protection. This dedicated identity protection tool helps users stay on top of data breaches with 24/7 real-time monitoring and easily assess their risk of falling victim to fraudsters. All revealed data entries or risks to your identity come with easy 1-click action items that enable you to secure your accounts and data. Moreover, you can easily sniff out potential social media impersonators who may ruin your online reputation and livelihood.