July 16 (SeeNews) - Bulgaria's National Revenue Agency (NRA) said on Tuesday it has detected unauthorized access to about 3% of its database in an investigation of a hacker attack that led to a massive leakage of personal data of Bulgarian and foreign citizens and companies.
The agency's database was hacked some 20 days ago, NRA said in a statement.
All electronic services provided by NRA are currently operating normally, with the exception of the service for refund of VAT paid abroad, the revenue agency said, adding that the unauthorized access to the platform has been limited.
The breach in security of the agency's database has been made through the VAT refund service, finance minister Vladislav Goranov said following a meeting of the security council chaired by prime minister Boyko Borissov. Earlier on Tuesday, Borissov convened the security council over the hacker attack on the NRA's servers in which information from the agency's database, including names, personal ID numbers and incomes was emailed to Bulgarian media.
"What we have discovered so far is that a message has been sent from a Russian-registered domain to Bulgarian media with links leading to servers with uploaded data," interior minister Mladen Marinov said following the meeting of the security council, according to an audio file published by public radio broadcaster BNR.
According to what the revenue agency has determined thus far, the database coincides with the information available in the NRA platform, which confirms that there has been unauthorized access to the agency's database, Marinov added.
"We're talking about threatening the confidential data of legal entities," NRA spokesperson Rosen Bachvarov said on Monday.
The security council at the government comprises key cabinet ministers and their deputies as well as the secretary general of the interior ministry, the chief of defence and heads of intelligence and counter-intelligence services.