Slashdot Mirror

← Back to Stories (view on slashdot.org)

Latvian "Robin Hood" Hacker Leaks Bank Details

Posted by ScuttleMonkey on from the too-many-hoods-in-the-forest dept.

eldavojohn writes "Move over Russell Crowe, an anonymous hacker in Latvia is being hailed as a real life modern Robin Hood. The hacker refers to himself as 'Neo,' claims allegiance with the Fourth Awakening People's Army, and is outing banks that are capitalizing off of the horrible economic status Latvia is currently suffering from. No word on how he is acquiring the information but it is slowly being leaked to TV sources via Twitter and the common people love him. The hacker is thought to be based in Britain but a TV reporter pointed out the fine line Neo is walking, 'On the one hand of course he has stolen confidential data ... and he actually has committed a crime. But at the same time there is value for the public in the sense that now a lot of information gets disclosed and the whole system maybe becomes a little more transparent.' An example of a juicy tidbit he revealed is that managers of a Latvian bank did not take the salary cuts they promised they would after the government bailed them out of economic trouble. You can imagine that taxpayers were upset and thankful they knew this information."

1 of 170 comments (clear)

  1. Correction to the story by karuna · · Score: 5, Informative

    The summary is completely wrong. The actual history in short is as follows: Latvian Neo claims that the anonymous group 4ATA has downloaded about 7.4 million tax statements from the Latvian tax authority website that is used by businesses to submit their tax declarations electronically. It was done over 3 months period before the IT department realized that something is wrong. The stolen data includes practically full information about salaries and payments received by employees of all Latvian public and private enterprises.

    4ATA is now periodically releasing the detailed pay information of certain public companies one at a time. He is careful to remove actual names of employees and for many this data seems trivial. But with this he is trying to prove that the claimed austerity measures undertaken by the government to fight the economic crisis is a big lie. However, the periodic release is annoying politicians who can't find a way to stop this leak.

    As for Neo walking the fine line, he downloaded the data without circumventing any security measures as he claims that the website was open to everyone. The hole was one specific URL normally used by an authorized user to review his own statements. Each document in the total database is assigned an ID number and by sequentially changing the ID number in the said URL, everyone could download the whole database as no authorization was checked by the script on the server. After some time the tax department notice irregularities and noticed the developer of the system but they were rather slow to fix the breach. When they finally managed to get the act together, Neo had already downloaded about 98% of the database.