We use cookies on this website to provide a user experience that’s more tailored to you. By continuing to use the website, you are giving your consent to receive cookies on this site. Read more about our Cookie Policy and Privacy Policy.
I acceptHome > Resources Center > Blog
2019-07-22
The system of Bulgaria’s National Revenue Agency (NRA) was hacked in this June. The financial data of almost all taxpayers in the country was found to be stolen by hackers. The incident becomes the country's largest ever data breach. According to reports, the attack was happened through the vulnerability in the VAT refund system and affected about 3% of the agency’s database, involving records of more than 5 million Bulgarians. Compromised data includes names, national IDs, addresses, personal income, tax records, and even medical records. The incident was not revealed until 15th July when the local media received the email from hackers.
It was not the first time the Bulgarian government was targeted. The country's Commercial Registry system was attacked by hackers one year ago. The incident revealed the government lacks of cybersecurity awareness and did not strengthen their information security measures, resulting the large scale of data breach within one year of last cyberattack.
The cyberattack is extraordinary, but it is not unique. It will happen in any organization. As long as the data is stored in a system which connects to the network, there may be potential of cyberattack risk and infringement of personal data privacy issues.
To ensure information security, enterprises must first navigate the laws and regulations established by local governments for data privacy. For commercial activities in EU and China, businesses must comply with the EU General Data Protection Regulation (GDPR) and China’s Cybersecurity Law respectively. Moreover, appropriate data processing and storage procedures should be established to ensure compliance. To mitigate cyber threats, enterprises should also assess security vulnerabilities and potential risks at their systems from time to time with effective security measures.
CITIC Telecom CPC provides one-stop shop information security managed services to protect enterprises from cyber threats. Contact our security consultants now for a free consultation today!
General Enquiry / Sales Hotline +31 20 567 2000
Service Hotline +372 622 33 00
Copyright © 中信國際電訊(信息技術)有限公司 CITIC Telecom International CPC Limited
Thank you for your enquiry.