Data of Austrian citizens released in Darknet

[German]Data from citizens of Austria, specifically government employees and police officers, has been offered in the darknet for purchase. The trace may lead to the Gebühren-Info-Service (GIS) of Austria.


Austrian news site Der Standard reported the incident a few days ago. The Gebühren-Info-Service (GIS) – a subsidiary of the Austrian Broadcasting Corporation ORF – is probably affected. This company is responsible for processing the broadcasting fees. GIS has probably submitted the following written statement to Associated Press Austria (APA) through its managing director Harald Kräuter (sources: 1, 2):

As it became known today, it is likely that large amounts of data have been stolen, although it cannot be ruled out that these data originate from the sphere of influence of GIS. As our data protection experts assure us, there has been no negligence on the part of GIS. This is also underlined by the ISO certification of GIS IT systems, which was renewed in February.

In its written statement to the APA, GIS emphasizes that it has cooperated with the authorities and made the GIS systems available for review. Speaker Vincenz Kriegs-Au of the Federal Criminal Police Office confirmed on APA request:

The Federal Criminal Police Office has recently started investigating the suspicion of data theft.

The investigation is being conducted by the Cyber Crime Competence Center (C4) of the Federal Criminal Police Office with the support of the Federal Office for the Protection of the Constitution and Counter Terrorism (BVT). It is said that they work closely with GIS.

Data offered in Darknet

The reporting and admission of GIS was probably initiated by NEOS MP Douglas Hoyos by sending the following tweet.   


There it is still suspected that personal data such as addresses, telephone numbers and bank account details of Austrian officials, judges, public prosecutors and journalists are for sale in Darknet. The following screenshot shows this offer.

Austria-Leak im Darknet (Mai 2020)
(Austria-Leak in Darknet, Source: Der Standard)

The rumours so far have now been confirmed to a certain extent. But the circle of those affected above may be too small. I came across the following tweet which says something different.

According to the Darknet offer from the above tweet, a hacker sells a new dump containing all registered citizens of Austria. There are probably 8.9 million records, which are supposed to correspond with about 5 million addresses. Besides the Austrian Der Standard, Puls24 and heise also reported on the case. Currently there is a lot of noise in Austria – as I will reveal in the following blog posts. 

Similar articles:
City of Weiz (Austria): Computers infected with ransomware?
Cyber attack on the Austrian Foreign Ministry

Cookies helps to fund this blog: Cookie settings

This entry was posted in Security and tagged . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *