Catch up on stories from the past week (and beyond) at the Slashdot story archive

 


Forgot your password?
Close
typodupeerror
×
Privacy Security

Personal and Salary Data for 637,138 Albanian Citizens Leaks Online (therecord.media) 15

Posted by msmash from the security-woes dept.
The Albanian government has confirmed and apologized this week for a data leak that exposed the personal and salary-related information for 637,138 citizens, more than 22% of the country's entire population. From a report: Details such as names, ID card numbers, salaries, job positions, and employer names were shared over the weekend on WhatsApp as an Excel document. The file included what appeared to be tax and salary information filed by companies with the Albanian government for the month of January 2021, according to local media. In a press conference today, Prime Minister Edi Rama confirmed and apologized for the breach. "According to a preliminary analysis, it looks more like an internal infiltration rather than an outside [...] cyber-attack," Rama told reporters, according to the Associated Press. The leak is now being investigated by the Tirana Prosecutor's Office, a government spokesperson said.
This discussion has been archived. No new comments can be posted.

Personal and Salary Data for 637,138 Albanian Citizens Leaks Online More

Personal and Salary Data for 637,138 Albanian Citizens Leaks Online

Comments Filter:

  • Looks like a great dataset for playing with pivot tables!

  • If your crime is large enough, an apology will do.

    The data will be a treasure trove for scammers, phishers, digital plunderers and more scum. Why was all this data connected to the internet? It is perfectly possible to build an outer layer that can only issue certain queries, and keep the data itself safe in an internal location. This outer layer can also be protected with fail2ban or similar systems.

    But governments need no knowledge, even is meddling without the knowledge is downright dangerous. And if com

    • From TFS:

      shared over the weekend on WhatsApp as an Excel document

      According to a preliminary analysis, it looks more like an internal infiltration rather than an outside [...] cyber-attack

      From TFA:

      The incident marks the second major leak of government data after the data of more than 910,000 citizens leaked in April, just ahead of a major election.

      That leak was believed to have been a copy of the country's voter registration database that was provided to the ruling party, the Socialist Party, for electoral purposes.

      After this week's second leak, the Democratic Party [right-wing conservative opposition party] has now formally asked for Rama's [Prime Minister of Albania, chairman of the Socialist Party of Albania] resignation, accusing its opponent of leaking salary information for political reasons.

      I.e. Data was not connected to the internet.
      And no level of system protection will protect you from parts of the system which will happily use any means to become bigger parts of the system.
      Like for example ousting the Prime Minister either out of power or out of Party or both.

  • Wasn't Albania one of the countries held up as an example of how great it is doing everything online? You can file your taxes! You can get your benefits! You can vote!

    Not that any of this is inherently bad, but it showcases the need for developers of critical apps to understand security and practice security-first design.

    Let's assume for the moment that this was likely an inside job as TFS states. This could have been mitigated by the giving everyone the least amount of access they need to do their job, an

    • Wasn't Albania one of the countries held up as an example of how great it is doing everything online? You can file your taxes! You can get your benefits! You can vote!

      No I think that's Estonia. Balkan, Baltic, whatever.

      • No I think that's Estonia. Balkan, Baltic, whatever.

        Yeah, you're right. Estonia was the digital-everything one I was thinking of, but Albania seems to be on that bandwagon as well. Guess I wasn't too far off. *shrug* At least I'm not in charge of IT security for a country, I just bitch about it on a backwater comment board...

    • Re: (Score:1)

      by Zehsi ( 5630632 )
      lol no, Albania is just a little Asia in Europe.
  • First thought was "Wally!!!" Then realised it said Albania, not Elbonia,

  • Nope.

    The incident marks the second major leak of government data after the data of more than 910,000 citizens leaked in April, just ahead of a major election.

    That leak was believed to have been a copy of the country’s voter registration database that was provided to the ruling party, the Socialist Party, for electoral purposes.

    It seems likely this was a data breach for political advantage, rather than a mundane identity theft operation. Names, ID numbers, and salary information would be handy for someone interested in voter fraud, too.

  • Obligatory offensive joke (Score:3, Funny)

    by Anonymous Coward on Saturday December 25, 2021 @10:47AM (#62114135)

    An Englishman, a German and an Albanian were on a small airplane...
    They had to guess their own country just by letting letting their hand hang from the airplane.

    The Englishman goes first... "we are flying over Great Britain!"
    -"How did you find out?"
    -"I touched Big Ben" - says the Englishman.

    As second goes the German... "we are flying over Germany!"
    -"How did you find out?"
    -He says: "I touched the Brandenburger Tor"

    Now it was the Albanian's turn... "we are flying over Albania!"
    -"How did you find out?"
    -"They stole my watch..."

  • Tax data was also leaked in Norway https://www.skatteetaten.no/en... [skatteetaten.no]

Slashdot Top Deals

An Ada exception is when a routine gets in trouble and says 'Beam me up, Scotty'.

Close