Hacker accused of having stolen personal data of all Austrians and more

A Dutch hacker who was arrested at the end of last year claims to have stolen the personal data of almost all Austrians.

At the end of November 2022, the Amsterdam police arrested a 25-year-old man from Almere who is suspected of having stolen or traded the personal data of tens of millions of people around the world.

The investigation into the activity of the man was launched by the Austrian Federal Criminal Investigation Service which spotted the man offering a dataset on a cybercrime forum in May 2020.

The man was offering a dataset containing millions of addresses and personal data from the Geburen Info Service GmbH (GIS), which maintains an archive of broadcasting reception equipment (TV, radio etc.) in the country and collects the viewing and listening fees from the citizens.

“In accordance with the RGG (TV and Radio Licence Law, 1, Nr. 159/1999) all broadcasting reception equipment in use or operational at a given location must be registered. The location of the equipment is taken to be places of residence or any other premises with a uniform purpose of use. If broadcasting reception equipment housed at a location is operational all details required for the calculation of the licence fee must be given.” states the GIS.

The Austrian Federal Criminal Investigation Service purchased the dataset and investigated financial flows and the forum used to advertise the stolen data. The Austrian police were able to trace an IP address used by the threat actor selling the dataset and discovered he was associated with a residential address in Amsterdam.

In May 2022, the Public Prosecution Service (OM) asked the Amsterdam OM to take over the criminal prosecution of the suspect. The Amsterdam police conducted its own investigation based on data provided by Austrian police and determined that the suspect traded personal and medical data for a long period of time.

“The team has strong indications that the suspect operated under the username used and would have offered non-public personal data – including patient data from medical records – on the forum for a fee under that name for a long period of time.” states the press release published by the Public Prosecution Service (OM). “This would not only concern sensitive data of Austrians. But also from people from other countries such as the Netherlands, Thailand, Colombia, China and the United Kingdom. The cyber crime forum has since been taken offline by foreign police and investigative services.”

The suspect is charged with four offences:

• possession of phishing toolkits and hacker tools;
• data theft and trade of non-public data;
• computer trespass;
• habitual money laundering.

The charge of habitual money laundering concerns crypto currency transactions amounting to 450,000 euros in 2022.

“On December 5, the council chamber of the Amsterdam court extended the pre-trial detention by 90 days.” concludes the press release. “At the moment, the financial and digital investigation is still in full swing.”

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Austrians data)

[adrotate banner=”5″]

[adrotate banner=”13″]