Bulgaria’s biggest data breach – Tax Agency Hacked

Bulgaria recently faced the most significant data breach of its history, which includes both the personal and financial information of around its 5 million adult citizens out of the 7 Million total made public.

This considerable leak is said to happen on June 2019 in the servers of the Bulgarian National Revenue Agency (NRA). The breach was stayed covered until the hackers themselves reached and mailed the local media of Bulgaria. Hackers sent them the download link of 11GB stolen data, which included personal and financial information of the taxpayers.

The hacker called himself a Russian and the Mail address through which he contacted Bulgarian local media also belonged to Russia.

It also came up that the hacker did not send all the breached data to Bulgarian local media. He just sent 11GB of data, whereas the total compromised data size is of almost 21GB in total.

Suspect Arrested

After all this matter, the government took action and arrested a suspect who was said to be a White hat hacker (Ethical hacker), named Christian Boykov.

The Bulgarian Police raided his house and office in the capital city of Sofia and seized all the computer machines that included the encrypted data, according to local media.

Display-Picture of Christian Boykov on Facebook.
        More About this Hacker


This white hat hacker recently found a loop-hole in the Ministry of Education and Sciences (MES) website. He tried to get it fixed and reported it, but the Ministry ignored this issue. Then he gave an interview in “Lords of the Air,” a famous T.V show and there he told about the problem so that it can get fixed.

After that interview, he caught the eye of a Cyber Security company named as “TAD Group” and, he became a part of that group and started his career as an ethical hacker. The company also stated Christian Boykov Arrest:

Statement Source

Another statement was given by Christian’s lawyer to prove his innocence, where he said that Christian is a person who finds traces but does not leave traces. His lawyer as well noted that there is no evidence against Christian on this matter.


Christian Boykov Punished

Sofia prosecutors traced one of the files in the data breach that lead them to a username used by Boykov. The lawyer of Christian Boykov rejected their statement, and he said that Boykov is not involved in all this.


This 20-year-old suspect was charged with another computer crime which he did against critical infrastructure that could lead him in jail for eight years, but those charges were wiped off, and he was given a lesser charge for three years in prison.


Bulgarian local media news upon this matter: Read Now.

Tell us what you think!

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: