The Dutch police have arrested a hacker believed to have a database containing the names, genders, birthdays and addresses of almost every Austrian citizen. The arrest was made in November 2022 after an investigation by the Austrian police but was only made public on January 25 as the suspect was being held under maximum security conditions.
The 25-year-old suspect is believed to be the hacker offering the data for sale in a hacking forum in May 2020. Austrian police came across this data and bought it in an undercover operation, eventually tracing the address back to a home in Amsterdam.
Investigators have since confirmed the authenticity of the database containing nearly nine million entries. Considering Austria’s population is 9.1 million at the time of writing, there’s a good chance that the database covered almost every Austrian citizen.
Additionally, the suspect had also put similar databases from Columbia, Italy and the Netherlands for sale, although the police didn’t have any more information on this. Since the data was readily available, police believe that it’s possible unknown third parties might have gained access to the data simply by paying for the dataset.
This information is registration data that the country’s residents are required to give to the authorities. The source of this breach is reportedly the Austrian television and radio license provider. According to the AFP, The suspect is facing charges of being in possession or making non-public data available. possession of phishing software and hacking tools, computer trespassing and crypto laundering valued at more than €450,000.
The suspect was already known to international police and is currently under investigation by the Dutch police and judiciary, according to the Austrian police. There’s no word on the implications of this breach for Austrians at the moment.
In the News: Hive ransomware gang’s network seized by law enforcement