Cybernews, an independent media outlet focused on cybersecurity, has reported that a large-scale data leak temporarily exposed the confidential personal data of millions of Georgian citizens.
On Thursday, Cybernews stated that the information, which later ‘mysteriously vanished’, was stored on the data analytics platform Elasticsearch on a server owned by a German cloud service provider.
The millions of files contained data such as ID numbers, full names, birth dates, and gender, they reported. The leaked data most likely also included insurance numbers and phone numbers ‘with descriptive information about the owner’.
According to Cybernews, there were two exposed indices. One included nearly five million personal data records, while the other contained over seven million phone records with associated personal information.
It is not yet known who is responsible for leaking the files.
The Georgian National Statistics office has stated the official population of Georgia is 3.7 million, however the leaked data may include duplicate entries and records on those now deceased.
Bob Diachenko, a cybersecurity researcher and owner of SecurityDiscovery.com, told Cybernews that even though the server was taken offline and public access closed shortly after the leak was discovered, the potential dangers for millions of people still remained.
He also noted that the data ‘appears to have been collected or aggregated from multiple sources, potentially including governmental or commercial data sets and number identification services’.
‘Without clarity on data ownership, recourse for affected individuals is limited, and it remains challenging to enforce data protection laws or seek accountability’, Diachenko told Cybernews.
‘Threat actors can weaponise personal data for both political or criminal activities. State-sponsored hackers can exploit the leak for political manipulation, disinformation campaigns, or targeted harassment. Meanwhile, profit-seeking hackers can exploit the data for various malicious activities’.
Diachenko assumed that the leaked information could potentially be ‘in the hands of malicious actors’, and could be used for fraud or influence campaigns.
‘In a region where geopolitical tensions run high, the misuse of personal information could further destabilise trust within the community, create opportunities for disinformation, and harm vulnerable individuals’, Diachenko said.
According to the Cybernews report, the leak was discovered on 4 October and access was restricted on 7 October.
Cybernews claimed that some of the information could contain the personal data of Georgian citizens which had previously been leaked in 2020.
In March 2020, Bitdefender reported that a database containing the private information of Georgian citizens was up for grabs on a dark web forum. The database contained 4.9 million entries, including full names, physical addresses, dates of birth, ID numbers, and mobile phone numbers.
Georgia’s Personal Data Protection Service told OC Media that they had not received any reports on the matter.
‘According to the circumstances described in the [Cybernews’s] article, the case is more likely a cyberattack, which is beyond the competence of the Personal Data Protection Service and is more likely to be investigated by investigative agencies’, the service stated.
The Interior Ministry did not immediately respond to a request for comment.
OC Media
