The police have launched two more investigations into the leaked data: they see the risk of driving licenses

The police investigation was launched after an official announcement from CityBee representatives that their data was being released on raid forums.

“We are investigating more than one version: that it was pirated, that perhaps it was freely accessible. There are more versions of which I could not speak in public due to the pre-trial investigation, ”said Arūnas Paulauskas, Deputy Commissioner General of Police, at the Public Order Commission meeting.

According to him, it is still difficult to say how long the investigation will take. The Lithuanian police have also involved foreign partners and turned to Europol for help in uncovering this crime.

“Intensive pre-trial investigation activities, both public and private, are currently underway,” he said.

“Researchers are intensively analyzing the leaked data. There are always certain risks. These are first name, last name, dates of birth, email. email addresses, login passwords that can be easily cracked, “he added.

A. Paulauskas pointed out that the police see a risk due to the data on driving licenses: using counterfeit Lithuanian driving licenses. “

According to the Deputy Commissioner General, 169 people reported to the police that their Citybee data had been hijacked.

“Until now, we do not have data to commit crimes, use that data, steal somewhere, embezzle money, etc. However, it must be recognized that the data is very widespread, probably more than a hundred copies of that database have already been made of data, which is an irreversible process ”, pointed out A. Paulauskas.

Rolandas Kiškis, head of the Lithuanian Criminal Police Office, said that on Tuesday the police launched two more pre-trial investigations after information appeared in the media about data leaked by users of the Darnipora.lt dating portal and the former company. Orakulas betting.

“We are investigating versions several times,” he added.

VDAI: we do not have a report on the Darnipora.lt case

State Data Protection Inspection (SDPI) Delphi reported that it had received the initial notification about the breach in personal data security due to the personal data of UAB Orakulas clients and employees.

“The company is currently conducting an investigation to determine the situation in more detail, and if the database is true, the information will be updated,” the VDAI commented.

Currently, VDAI is also clarifying the situation and deciding whether to carry out an investigation: “Has the organization complied with the principles related to the processing of personal data, has it applied the appropriate technical and organizational measures for the security of personal data, such as the adequate data protection? in order, among other things, to prevent new possible infractions “.

According to VDAI, potential victims have been informed about the possible breach in order to take additional security measures, change passwords, etc. The report was also sent to VDAI.

“The company also indicated that it plans to request a pre-trial investigation from law enforcement authorities. Based on primary data, if the database is real, the breach may have affected some of the identity, login and other data. ”Says VDAI.

Due to this incident, VDAI has received 1 appeal.

Due to the Darnipora.lt case, VDAI has not received a notification about the breach of personal data security, but has initiated a follow-up procedure and is clarifying the situation on its own initiative.

Representatives of Darnipora.lt did not comment in detail on whether they requested the institutions after the data leak in 2016.

Last Tuesday night, about 110,000 registered users of the CityBee car-sharing service in Lithuania leaked information. The police have launched a pre-trial investigation into the data theft. It was also launched by the State Data Protection Inspectorate (SDPI).

According to the company, criminals posted consumer data from three years ago on one of the hackers’ favorite forums. It is reported that the data of those customers who registered in the CityBee system as of February 22, 2018 were available to a limited number of people. In addition to the first and last names of some CityBee customers, phone numbers, email addresses, residential addresses, driver’s license numbers and encrypted passwords were stolen.

In the same customer database exchange forum, Raid Forums, where the data of the CityBee and Orakulo users were made public, information about the users of the Darnipora.lt dating portal appeared last year. But it was only on Friday that the data began to be publicly discussed. Posted 400 thousand for free. the. email addresses and passwords.