Friday, January 24, 2025
HomeData BreachHacker Downloaded 286,000 ID Photos From Government Database

Hacker Downloaded 286,000 ID Photos From Government Database

Published on

SIEM as a Service

Follow Us on Google News

A local resident has been arrested on July 23, 2021, by Estonian officials, and as per the report, the officers of Estonia claimed that the suspect has used a vulnerability to obtain access to the state database.

Apart from this, the suspect has been also charged for uploading photos of 286,438 people from the accessed database. According to the officials of Estonia reports, this attack has been exposed due to a definite increment in the number of requests.

Hacker Abused RIA Database

The hacker has used a vulnerability to gain access to the database, and the officials have asserted that they have found a vulnerability in a database that is controlled by the Information System Authority (RIA).

After the attack being exposed, RIA declared that its database normally went through with five different subsystems for examination, before retorting a query to demonstrate a user’s government ID photo.

Moreover, RIA declared that the hacker had provided the name of an Estonian citizen, to exploit the vulnerability, and not only this but it has also provided a correct identification code that convince them to give access to the database.

Incident’s Timeline

The officers of an Estonian has mentioned the incident’s timeline, and here they are given below:-

  • July 16 – SK ID Solutions notifies regarding the huge number of queries to RIA.
  • July 21 – RIA identifies the mass download of data from the Identity Documents Database (KMAIS) via extra monitoring and concludes the service.
  • July 22 – RIA follows the possible IP address applied to download the photos and forwards the data to the police.
  • July 22 – RIA starts an internal investigation to discover the reason how manipulation of the control mechanism of the image storage system was feasible.
  • July 23 – The police arrests the man speculated of downloading the data and executes the fundamental procedural acts.
  • July 23 – RIA reopens the attached image system that again enables people to download their document photos.
  • July 23-27 – RIA also examines the possibility of using a related attack vector in some other services.

Authorities Retrieved The Stolen ID Photos

Apart from this, the cybersecurity experts are not yet confirmed that the hacker has transferred the photos to another party or not, and therefore, the experts have conducted an investigation that will help them out to know the exact matter.

Moreover, the agency claimed that this attack was not severe enough, and now the experts are notifying the Estonian citizens regarding the attack through emails, and not only this, but the citizens don’t have to take new photos and change their IDs as well.

And the official of Estonian also pronounced that they will eventually notify each and every detail of the investigation accordingly to the citizens.

You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity and hacking news updates.

Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Latest articles

Android Kiosk Tablets Vulnerability Let Attackers Control AC & Lights

A security flaw found in Android-based kiosk tablets at luxury hotels has exposed a...

CISA Releases Six ICS Advisories Details Security Issues

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued six Industrial Control Systems (ICS)...

Juniper Routers Exploited via Magic Packet Vulnerability to Deploy Custom Backdoor

A sophisticated cyber campaign dubbed "J-magic" has been discovered targeting enterprise-grade Juniper routers with...

Beware of Fake Captcha Verifications Spreading Lumma Malware

In January, Netskope Threat Labs uncovered a sophisticated global malware campaign leveraging fake CAPTCHA...

API Security Webinar

Free Webinar - DevSecOps Hacks

By embedding security into your CI/CD workflows, you can shift left, streamline your DevSecOps processes, and release secure applications faster—all while saving time and resources.

In this webinar, join Phani Deepak Akella ( VP of Marketing ) and Karthik Krishnamoorthy (CTO), Indusface as they explores best practices for integrating application security into your CI/CD workflows using tools like Jenkins and Jira.

Discussion points

Automate security scans as part of the CI/CD pipeline.
Get real-time, actionable insights into vulnerabilities.
Prioritize and track fixes directly in Jira, enhancing collaboration.
Reduce risks and costs by addressing vulnerabilities pre-production.

More like this

BASHE Ransomware Allegedly Leaked ICICI Bank Customers Data

A major cyber threat looms over Indian financial giant ICICI Bank as the notorious...

Threat Actor IntelBroker Allegedly Claiming Breach of Hewlett Packard Enterprise Data

A threat actor known as IntelBroker has taken to a prominent dark web forum...

Massive NBI Data Breach Exposes Millions of Users Records Online

The National Bureau of Investigation (NBI), the Philippines' top investigative agency, has reportedly been...