Police enter offices of a cybersecurity company in Sofia, Bulgaria, July 23, 2019. REUTERS/Stringer NO RESALES. NO ARCHIVES
SOFIA (Reuters) – Police investigating Bulgaria’s biggest-ever data breach have detained a manager of a cybersecurity company, raided its offices and seized computers, they said on Wednesday.
The company, Tad Group, has become a focus of the investigation. Another of its employees, Kristian Boykov, is the only person so far charged with involvement in last month’s cyber attack on the tax agency, in which nearly every Bulgarian adult’s financial records were compromised.
Boykov, 20, has denied wrongdoing. He has been released from custody but banned from leaving the country.
Police and prosecutors searched Tad Group’s premises on Tuesday. “One senior manager has been taken in for questioning. He is being detained for 24 hours,” an interior ministry spokeswoman said. She did not identify the person detained.
Prosecutors have said they believe Boykov did not act alone and were now looking for instigators of the attack and contractors they used.
Prosecutors believe he was behind an email sent from someone purporting to be a Russian hacker who was offering stolen tax agency files to local media. They do not currently believe the attack came from abroad.
The tax agency is facing a fine of up to 20 million euros($22.5 million) over the breach, which officials have said compromised about 3% of the agency’s database.
According to financial newspaper Capital, the leaked data also included files from the EU’s anti-fraud network EUROFISC, which allows national tax administrations to share information on fraudulent activities and combat organized VAT fraud.
Reporting by Tsvetelia Tsolova; editing by John Stonestreet