Over 280.000 personal ID photos found in the hands of one hacker, after cyber attack on Estonian state information system, at July 23. According to information, the hacker is resident of Tallinn.
The perpetrator had already acquired names and ID numbers and then managed to obtain and photos, making individual requests from thousands of IP addresses. This data, however, was not enough for the attacker to access e-state services, which means that the normal means of authentication (ID card, mobile ID and SMART ID) have not been compromised.
A database of the Estonian Information Authority has been breached (RIA) containing document photos.
Speaking at a news conference today, Oskar Gross, head of cybercrime headquarters, said: "The data obtained by the hacker has been confiscated by the police."
RIA chief Margus Noormaa, who also appeared at the press conference, said the attack did not appear to have a clear and serious cause. Specifically, he said the following: "The violated photos were accidental - there was no purpose other than to obtain them."
These, in total 286.438, had been downloaded en masse from 9.000 different IP addresses - domestic and foreign - using malware network and fake digital certification and exploiting a vulnerability, Noormaa said, adding that digitally stored photos were the only data the hacker could obtain - no database had been compromised.
The data obtained by the hacker - photos, ID numbers and names of owners - was not enough to gain access to any of Estonia's e-state services, Noormaa said, adding that all those whose data had been compromised way, they will be notified through the state portal.
Estonian Minister of Entrepreneurship and Informatics Andres Sutt described the incident "Clear attack on the Estonian state".
In particular, he stated the following: "Cybercrime is on the rise and that means we must constantly invest in cybersecurity at both the public and private levels.". He added that he intends to raise this issue and its possible funding at tomorrow's cabinet meeting.
"I will expedite the replacement of some older data systems and solutions. "We have begun to lay the groundwork for basic IT infrastructure and support, which in turn will enhance cybersecurity."