Client data of the Republika Srpska Tax Administration and e-mail addresses of employees of this institution are sold on criminal hacking forums on the black market, Banja Luka business portal Kapital (Capital.ba) announced.
They stated that the leak of taxpayers’ data occurred due to the use of official e-mails of PU employees for access to entertainment websites, classified ads and the LinkedIn social network.
“On several forums on the ‘dark web’, information has already been released and the sale of data from around 410 users of the Tax Administration has been offered. Data from the PU, i.e. the codes used by legal entities and individuals to access their profiles in the Tax Administration’s database, have also been offered,” reads the to the text.
According to IT experts, this has to do with poor protection of highly sensitive data and potentially with the break-in of the Integrated Health Information System of the RS (IZIS), which occurred on December 31, when all patient records were locked and the database was offered for sale.
“Data on the business operations of PU clients have been leaked, this information can be misused in several ways, for example, to access the PU database or to steal the identities of their users.”
The Tax Administration of Republika Srpska announced that all systems are functional and working at full capacity
“The Tax Administration is committed to applying the latest versions of traffic filtering technologies and maintaining the highest standards of information security. However, we are aware that attempts at malicious activities are always possible, and we are fully committed to detecting and suppressing potential threats,” the Tax Administration stated regarding the allegation. about the hacker attack and the sale of this administration’s data on the “black market”.
The Tax Administration points out that all data related to the Health Insurance Fund, with which they exchange data in accordance with the law, are currently under careful scrutiny.