Data breach hits nearly half of Slovenia’s population
Personal data of almost 900,000 people - nearly half of Slovenia's entire population of 2 million - have been exposed in a data breach at the Administration for Food Safety, Veterinary Sector and Plant Protection, leading to the resignation of its director.
The administration was notified of unauthorised access to its databases by the Office of Information Commissioner on 29 October. The public did not learn about the incident until over a week later, CE Report quotes The Slovenia Times.
Data of 873,201 individuals were exposed in the breach, their name and surname, address, personal identification number (EMŠO) and tax identification number, according to the administration.
The data belonged to individuals who were registered in various databases, such as the registers of farm animals, farms, farm subsidy recipients and pet owners.
The info commissioner office had been alerted of the vulnerability by an anonymous individual. They were told by the person that the data were safe and had been deleted.
"We can believe [the person] or not," Deputy Information Commissioner Eva Kalan said as quoted by the portal N1.
According to the office, the administration immediately eliminated the vulnerability and its operations have not been impaired. The compromised data have not been found on the dark web, nor has there been any demand for ransom or an attempt to sell the data.
The Government Office for Information Security has opened a forensic investigation. Criminal investigation is also under way and the info commissioner office has been conducting its own inspection proceedings on suspicion of inadequate personal data protection.
The food safety administration's director Vida Znoj offered her resignation over the incident on 7 November, which Agriculture Minister Mateja Čalušić accepted.
The minister rejected the opposition's call to step down herself, saying the priority now was to strengthen IT security and protect the public interest.
Photo: Boštjan Podlogar/STA
