[ad_1]
However, it is surprising that such email list finds entries indicating that sites are involved in the distribution of illegal content. filmai.in The consumer is a member of Seimas, the conservative former Foreign Minister Audronius Ažubalis. Or Eglė Švabauskienė, undersecretary of Laurynas Kasčiūnas, another conservative member of the Seimas. Or Inga Cemnolonskaitė, advisor to another member of the Seimas, as well as the conservative Algis Strelčiūnas.
Sigismund Gedvila / 15min photo / Audronis Azubalis
Even more surprising is the fact that representatives of the main Lithuanian legislature for the record filmai.in He uses his official state-issued work email address, which ends at @ lrs.lt and indicates the person’s first and last name.
The Seimas member confirmed that he had registered on this website. “I really once checked into the specified site, which at the time proved to be reliable (paid and robust design), and then I experienced that its activities in the public space raise questions, I no longer use it”, – 15 minutes A.Ažubalis said.
Could not identify a user from the postal address registered in the @ lrs.lt domain: their name ([email protected]) was not created according to the usual template [email protected].
By the way, there are fans of that “sinful” entertainment (due to the illegal) not only in the Seimas. Viewing from filmai.in no later than 2018. The database of users’ email addresses was leaked in October (from which, before being transmitted 15 minutes usernames and passwords were removed and still occupied more than 15 MB of text), an address belonging to the Government, Aurelia Urboniene (employees of the Social Group of the Chancellery (address in the @ lrv.lt area) and individual ministries).
Public officials working in ministries have also not avoided using state-provided tools to register for a website that engages in illegal activities that can cause tens of millions of euros in damage to content creators, rights holders, and distributors each year. :
- Ministry of the Environment (addresses @ am.lt): 6 people
- Ministry of Social Security and Labor (addresses @ socmin.lt): 1 person
- Ministry of Health (addresses @ sam.lt): 1 person
- Ministry of Education and Science (addresses @ smm.lt): 5 people
- Ministry of the Interior (addresses @ vrm.lt): 1 person
- Ministry of Agriculture (addresses @ zum.lt): 3 people.
The editorial board knows the names of most of these people (in one case, the address on the site “filmai.in” used a non-standard template. This suggests that it is someone who works in the IT department of that institution or a person with very close IT contacts (personal).
Also among the most interesting users of the website who distribute pirated content are a well-known businessman in the public space, an owner, an opponent of vaccines and a distributor of conspiracy theories.
The Filmai.in administration apparently only became aware of the hacking of its database and the theft of the text user database when offers to buy this database began to spread in online forums. Passwords for all users were forcibly changed.
It is not known at this time if the distributors of illegal content have improved the privacy practices of their users, but 15 minutes The cybersecurity expert who consulted on the matter stated that it was clear that the site operators did not have a cybersecurity policy.
VDAI can also take action
In 15 minutes When asked if the State Data Protection Inspectorate (NSA) could take action on this leak, the NSA replied as follows: “Pursuant to Article 55 (1) of the General Data Protection Regulation (hereinafter, the Data Protection Regulation), “each supervisory authority has the competence according to [BDAR] assigned tasks and exercise according to [BDAR] powers conferred. “Therefore, the State Data Protection Inspectorate (hereinafter VDAI) has the right to take action against those data controllers whose registered office is in the Republic of Lithuania. In the event that the controller and / or processor in question is established in another Member State, personal data processing operations or security measures carried out by it will be subject to evaluation by the supervisory authority of the State in which it is established.
In any case, the choice of appropriate technical and organizational security measures is the responsibility of the controller derived from articles 24, 25 and 32 of the BDAR, and the controller must assess the level of technical development, the costs of implementation, the nature, the scope, context and purposes of the processing of personal data, as well as the risks to the rights and freedoms of individuals that present the different probabilities and seriousness of the processing. These criteria should be based on an appropriate level of security measures, which should be regularly evaluated and updated. You can also read the Guidelines for processed personal data security measures and risk assessment for data controllers and data processors published by VDAI (read).
Furthermore, we note that the theft of personal data may constitute elements of a criminal offense, the evaluation of which is carried out by the police authorities. “
[ad_2]