Among the leaked CityBee data is information about politicians: he sees a risk even to national security

CityBee assured that all information related to the event is provided to the responsible authorities to clarify the crime, and the disclosure of client data will not affect the security of clients’ financial services, since the company does not collect related sensitive information with customers’ payment methods. . However, it is clear that potential threats relate not only to financial services but also to national security.

According to Mykolas Majauskas, chairman of the Seimas Budget and Finance Committee (BFK), and Laurynas Kasčiūnas, chairman of the National Security and Defense Committee (NSGK), the leaked data includes personal data of politicians or even ministers, which can fall into the hands of from states hostile to Lithuania. And this, in turn, represents a threat to the security of the state.

According to farmer Agnė Širinskienė, the stolen data can be used to organize terrorist activities.

National security aspect

The police and the State Data Protection Inspectorate are conducting an investigation into the data breach. The Lithuanian Criminal Police Office launched a pre-trial investigation into the stolen data in cooperation with the company itself. However, Congressman Majauskas emphasized that in addition to this, it is very important to understand the threat to state security.

“I understand the big problem of personal data protection, which is very relevant. It is a matter of personal data protection and vigilance to react promptly and ensure that the damage caused is prevented and that those who have potentially committed the crime are held accountable. in accordance with current laws.

But there is also the issue of state security, because, to my knowledge, there are at least five ministers and some members of the Seimas and other politically vulnerable people on that list. That information would be a practical dessert for foreign services: having information about the top executives, their login passwords, which they could use to log into their other accounts, is a very sensitive issue. ” Delfi.lt said M. Majauskas.

Julius Sabatauskas, vice president of the Seimas and Social Democrat, also agreed that the current situation represents a threat to national security.

“The threat to national security really arises in this case. When the data situation is unstable, if the data of a private company that has a large customer base is insecure, who can guarantee that the data will not leak? Especially since we have already heard warnings from cyber security experts on this issue that public authorities should be more concerned about the security of their websites, as hackers have repeatedly changed the content of some authorities’ websites. it can lead to greater dangers and risks, ”he said.

In this situation, according to J. Sabatauskas, the security of the data must be guaranteed. Controls should be put in place at both national and European level to ensure that such practices occur while at the same time minimizing the likelihood of their occurrence and ensuring a rapid response.

“The answer is now only when the relevant data is published on public platforms. That should not be the case. The responsibility must also fall on the public authorities responsible for that oversight, because so far we have only heard such inconsistent disclosures or attempts to appease so as not to cause panic. Certainly there is no reason to panic, but any speech by those responsible must be responsible and they must not draw conclusions until the authorities responsible for the investigation have reached them, “the politician emphasized.

Inattention SSD

The MP M. Majauskas, emphasizing the aspect of data leakage of senior state officials, also drew attention to the role of the State Security Department (SSD) in this situation.

“It is unfortunate that we have not seen any steps from the SSD in this regard. In my opinion, the first thing the SSD had to do when it learned that there were politically vulnerable people on that list, in addition to the work that the Police and the Personal Data Protection Inspection, the job of the SSD was and is to contact politically vulnerable people and make sure they take the necessary data protection prevention measures, that is, to be informed that passwords should be changed and take other Actions.

The fact that it is the responsibility and business of the SSD to ensure the protection of public officials against acts of hostile states towards us. The leakage of such data and the access of hostile state services to the leaked information is a threat to national security ”, assured M. Majauskas.

The risk is there: the investigation will take place

According to NSGK President L. Kasčiūnas, the situation should not be threatened for the time being, but at the same time the risk to state security should not be ruled out.

“The risks are mainly related to data retention. We need to analyze the situation, and we will, we have already discussed a meeting within the commission on this issue, ”said the president of NSGK.

So far, all the circumstances are unknown, but it seems that the data was available to anyone who, according to L. Kasčiūnas, is a little more intelligent. “We can hypothetically think that during that day, someone from hostile entities collected data from politicians: addresses, phone numbers, passwords, which, as it turned out, was not difficult to crack. And people often use the same password in many places. Of course, until now we don’t really know if that was the case or not. But the risk remains, “he explained.

However, L. Kasčiūnas emphasized that this situation once again raised the general problem of data security.

“This is a problem in both the public and private sectors. In the public sector, we are constantly trying to reinforce the accountability of corporate executives. We also need to talk to the private sector about higher requirements,” he said.

Širinskienė warns: Stolen CityBee data can be used to organize terrorist activities

Farmer A. Širinskienė criticized Justice Minister Evelina Dobrovolskas, who, in response to the theft of personal data from some CityBee clients, stated that this does not pose a particularly high risk for the data owners. A member of the shadow cabinet made up of peasants argues that there are reasons for concern, as leaked citizen data could be used to commit crimes such as arms trafficking, terrorism or money laundering.

“Rather than saying what has been or will be done to prevent data theft like the City Bee from happening in the future and warning the owners of stolen personal data what to expect and should be careful, the Minister of Justice is reassuring these staff that data theft will have almost no consequences and the risk of using stolen data is low, ”writes A. Širinskienė on Facebook.

The policy also raises questions about whether, according to it, stolen personal data will actually do no harm. According to a policy published by the Peasants in the shadow of the Minister of Justice, personal data such as personal identification number, address, name, email, serial numbers of personal identification documents can be used in ways very wide.

“Especially when crimes with an international element are committed,” notes A. Širinskienė.

“For example, illegal immigration from third countries often takes place under the guise of falsified documents. Consider the ease with which a third-country citizen from Tula X could move into the EU with the personal data of a City customer. Bee on a forged passport. And now imagine that a Tula X resident with City bee customer ID is involved in the arms trade, a terrorist network organization in Europe and is suspected of money laundering … while the unsuspecting City bee customer, that person’s real person, the “owner” of the identity, flies to the Maldives on vacation. And where are the other transactions that can be concluded with relative ease, especially when they don’t require a notarized form ”Wrote the farmer on Facebook.

Justice Minister E. Dobrovolska said on Tuesday that the risks arising from the leakage of personal data of some of CityBee’s customers are considered small, so victims are not yet offered to change their bank cards or ID. of driving.