SOFIA (Reuters) - Mariana Krasteva, a 55-year old engineer, is one of more than four million Bulgarians, whose personal data was stolen in the country’s biggest-ever cyber breach, leaving her fearful of what fraudsters might do with the information.
Prosecutors have charged the owner of a cybersecurity company and two of his employees with cyber-terrorism over the hacking of the country’s tax agency and the theft of the personal and financial records of nearly every working adult.
The three men have denied wrongdoing.
The breach was made public on July 15, after an email with a link to the leaked data was sent to local media, calling the country’s cybersecurity “a joke”.
The leak has deeply unsettled many in the Balkan country of 7 million, one of the poorest and most corrupt European Union member states.
“What if someone claimed ownership of my apartment? I have to live in constant fear of what may happen,” Krasteva said.
Officials have apologized to Bulgarians over the breach but have also admitted the government has to invest more in software and pay more to protect public data.
“Bulgaria spends too little on cybersecurity - we spend about 5 million levs ($2.85 million) per year, which is nothing,” deputy Prime Minister Tomislav Donchev said.
The tax agency has told citizens there was no immediate risk from fraudsters and has produced a search tool, where people can check whether their records were compromised, but it does not say exactly what was leaked.
The tax agency said the leaked data was fragmented and not sufficient for eventual fraud. It has told banks to be extra vigilant and urged people not to change their ID cards.
Krasteva, however, feels she needs to have new documents to avoid eventual abuse or fraud. “This means spending a lot of time and money,” she says.
Writing by Tsvetelia Tsolova, Editing by Alexandra Hudson