VILNIUS (Reuters) - Lithuanian police are investigating the leak of personal data of 110 thousand people, including five government ministers and the capital city’s mayor, they said on Tuesday, after the list was placed on a hacker website.
CityBee, a car-sharing service, confirmed the authenticity of the list, which includes national identification numbers, but did not involve financial payment data, it said.
“We are very sorry. I am one of the victims of the leak, because I use the service, and I very well understand that feeling of insecurity,” CityBee CEO Kristijonas Kaikaris told reporters on Tuesday. He suggested the hacked customers “don’t panic” and change their passwords.
A poster on the hacker forum said the list was extracted from data grabbed on Feb. 2018 from an unsecured database backup, and offered full hacked data for $1,000 paid in Bitcoin.
The data protection watchdog for Lithuania, whose entire population is 2.7 million, will be looking into whether CityBee secured the data properly, the watchdog’s director Raimondas Andrijauskas told a joint press conference with the police.
The company risks a fine of up to 20 million euros ($24.21 million), or 4% of its turnover, if found in breach of regulations.
($1 = 0.8261 euros)
Reporting By Andrius Sytas; editing by Barbara Lewis
Our Standards: The Thomson Reuters Trust Principles.