For sellers

Bulgaria’s National Revenue Agency Hacked

23 August 19

On the 19th June 2019, a twenty year old hacker gained access to the details of more than 5 million people registered with Bulgaria’s National Revenue Agency (NRA).

 

Personal details of every working person, everyone who owns a property, has a bank account, Bulstat or has paid taxes in the country was exposed. The data was published online and made available for download via various hacking sites.

 

The perpetrator, Kristian Boykov, was arrested and charged with ‘hacking critical infrastructure’ and faced up to 8 years in prison, the charged has since been reduced to ‘crime against information systems’, which carries a maximum 3 year jail term. Boykov previously hacked the Education Ministry’s website in 2017 and claimed that he was fulfilling his civic duty to point out flaws in the system. His solicitor denies that his client has any involvement, the case continues.

 

Prime Minister, Boyko Borisov, stated that the government must employ people with such minds to better defend against future attacks and that Boykov was a ‘wizard’.

 

The government faces fining itself 20 million Euros for the data breach. Experts have concluded that the hack was not complicated and that a lack of preventative measures by the government were to blame, particularly out dated computer systems. This comes less than a year after the country’s Commercial Registry was taken offline by a cyberattack; every company, stock holding, shareholder, director, company account was rendered paralysed for weeks as Bulgaria’s business community ground to a halt. Unable to prove ownership or administer transactions, the cost to the economy, the country and to the individual shareholders will never be known.   

 

 

What does it mean for property owners?

 

The hack of the NRA exposed personal details including those relating to taxes paid, earnings (declared in Bulgaria), bank account numbers and balances in Bulgaria. HMRC has systematically written to every UK citizen likely to have been affected by this, which is realistically everyone who has owned property in Bulgaria in the past 15 years.

 

Fortunately, most property owners have very little to worry about as the details exposed can only relate to the transaction value and taxes paid for a prior purchase, sale or a bank account that is likely to be used for rental income only. No action is required by overseas owners. For Bulgarian citizens or foreigners working in Bulgaria it is sadly much more serious and they must be more vigilant with significant details of their worth and personal details now likely to be in the hands of organised crime. No retrospective action is possible.

 

For any overseas owner concerned we recommend closing any dormant or unused bank accounts and changing passwords if you have active internet banking.