In May 2020, on the RaidForums dark web forum, a 25-year-old hacker from the Netherlands (DataBox) put up for sale a dataset that contains the name, gender, address and date of birth of Austrian citizens. The police confirmed its authenticity. The data was stolen from a misconfigured cloud database that the attacker found through a search engine.
The set contains about 9 million rows of data. The population of Austria is approximately 9.1 million people. The hacker also put up similar datasets for sale from residents of the Netherlands, Italy, the UK, China, Colombia and Thailand, police said. In addition, the cybercriminal sold the medical data of patients from these countries.
The data was disclosed in May 2020. The affected database belongs to the Fee Info Service (German: GIS), the organization responsible for collecting fees for TV and radio licenses in the country.
According to German media, GIS has hired a third-party IT company from Austria to restructure its internal databases. The databases contained information about the whereabouts of citizens so that "evaders" from paying broadcast bills could be tracked.
It is reported that a company employee used GIS data during the test and left the database on the network without protecting it. Investigators said the hacker found the data through a search engine and added that the search engine was "not Google."
The stolen information is registration data - the basic information that residents are required to provide to the authorities. Investigators were able to find out that this data set was sold to an unknown person.
The cybercriminal was arrested in November 2022 in Amsterdam and is currently under investigation. The police said that the details of the incident were only released now so that they would not affect the investigation in any way.