Slashdot Mirror

← Back to Stories (view on slashdot.org)

Latvian "Robin Hood" Hacker Leaks Bank Details

Posted by ScuttleMonkey on from the too-many-hoods-in-the-forest dept.

eldavojohn writes "Move over Russell Crowe, an anonymous hacker in Latvia is being hailed as a real life modern Robin Hood. The hacker refers to himself as 'Neo,' claims allegiance with the Fourth Awakening People's Army, and is outing banks that are capitalizing off of the horrible economic status Latvia is currently suffering from. No word on how he is acquiring the information but it is slowly being leaked to TV sources via Twitter and the common people love him. The hacker is thought to be based in Britain but a TV reporter pointed out the fine line Neo is walking, 'On the one hand of course he has stolen confidential data ... and he actually has committed a crime. But at the same time there is value for the public in the sense that now a lot of information gets disclosed and the whole system maybe becomes a little more transparent.' An example of a juicy tidbit he revealed is that managers of a Latvian bank did not take the salary cuts they promised they would after the government bailed them out of economic trouble. You can imagine that taxpayers were upset and thankful they knew this information."

22 of 170 comments (clear)

  1. Latvia explained in pictures and comments by sopssa · · Score: 5, Funny

    Million Reasons Why Latvia Is The Best Country In The World

    Be warned, you'll lose productivity for rest of the day.

    1. Re:Latvia explained in pictures and comments by copponex · · Score: 5, Insightful

      Be warned, you'll lose productivity for rest of the day.

      Sir, we are already reading slashdot.

  2. ahh by Anonymous Coward · · Score: 4, Funny

    i saw a guy walking down the street just today - in a long black coat wearing sunglasses talking on his nokia. i thought "i bet that guys a leet hacker" probably him. he was scowling.

    1. Re:ahh by grcumb · · Score: 5, Funny

      i saw a guy walking down the street just today - in a long black coat wearing sunglasses talking on his nokia. i thought "i bet that guys a leet hacker" probably him. he was scowling.

      You're wrong. The person you saw:

      • Was stylish;
      • Outdoors;
      • Had at least one friend.

      If this was a real hacker, he was disguised as a n00b.

      --
      Crumb's Corollary: Never bring a knife to a bun fight.
  3. Some sympathy some not so by JoshuaZ · · Score: 5, Interesting

    Ok. Clearly the fact that the pay cuts for the executives didn't occur is something that this individual should have leaked and was the right thing to do. ( Why didn't the government insist on minimal transparency about the salaries in the first place? Because apparently corruption and lobbying is the same everywhere). Frankly, in TFA I don't see any information listed that shouldn't have become public. It doesn't look like they leaked anything that allowed people to take money from accounts or to steal identities or to create damage to the banks' computer networks. If there's any indication that Neo has done anything bad (other than choosing a really pretentious and unoriginal alias) I don't see it in TFA.

    1. Re:Some sympathy some not so by Danse · · Score: 5, Insightful

      I think it's a good thing that he's doing this. Of course if he gets caught he'll face at least some sort of punishment. He's not being malicious or destructive, so I'd consider it a form of civil disobedience. What I'd like to hear is what kind of punishment the bankers are going to get for essentially lying and stealing from the taxpayers. I bet they get a slap on the wrist at best.

      --
      It's not enough to bash in heads, you've got to bash in minds. - Captain Hammer
    2. Re:Some sympathy some not so by fuzzyfuzzyfungus · · Score: 4, Funny

      Slap on the Wrist?

      How dare you openly endorse such uncivil class warfare! It is everyone's obligation to understand that bankers are simply special. It would be an insult to apply rules made for common men to them.

    3. Re:Some sympathy some not so by GoCoGi · · Score: 5, Insightful

      A "crime" is not necessarily "bad".

    4. Re:Some sympathy some not so by Anonymous Coward · · Score: 4, Insightful

      what kind of punishment the bankers are going to get for essentially lying and stealing from the taxpayers

      A bonus?

      They won't stop until bankers get lynched in the streets.

    5. Re:Some sympathy some not so by JoshuaZ · · Score: 4, Insightful

      Committed a crime and did something bad are not the same thing always. Sometimes the moral or ethical act is against the law. It doesn't take much effort to give historic or current examples. Just a few people off the top of my head who've committed crimes that are morally either ok or the right thing to do: off the top of my head: abolitionists in the pre-Civil War US, protestors in Iran, and whoever gave Wikileaks their leaked documents about Guantanamo.

    6. Re:Some sympathy some not so by westlake · · Score: 4, Funny

      A "crime" is not necessarily "bad".

      But a conviction still puts you behind bars.

    7. Re:Some sympathy some not so by Marxist+Hacker+42 · · Score: 4, Insightful

      Heck, America doesn't protect it's whistle blowers. Why should Latvia?

      --
      SJW: a person who perceives an injustice, and while correcting it, commits a greater injustice.
  4. Robin the Hood... by JackPepper · · Score: 5, Funny

    stole from the government and gave to the overtaxed. This guy is copying from the government and pasting to the people. He's more like a "Neo the Document Liberator?"

  5. I find it hard to take seriously a group called... by DigitalReverend · · Score: 4, Funny

    FAP Army.

    --
    I read Slashdot for the headlines, because the headlines, unlike the articles, are usually original and never duplicated
  6. Don't fuck with the big banks by Bloopie · · Score: 5, Interesting

    I don't know anything about Latvia. Here in the U.S., though, you don't fuck with the big banks. They have money and power--which they will throw at your political opponents if you become too much of a "problem."

    From the article I just linked to:

    Republicans are rushing to capitalize on what they call Wall Street's "buyer's remorse" with the Democrats. And industry executives and lobbyists are warning Democrats that if Mr. Obama keeps attacking Wall Street "fat cats," they may fight back by withholding their cash.

    "If the president doesn't become a little more balanced and centrist in his approach, then he will likely lose that support," said Kelly S. King, the chairman and chief executive of BB&T.

    Balanced and centrist? I guess that just about sums it up.

    1. Re:Don't fuck with the big banks by Lord+Ender · · Score: 4, Insightful

      I can see those conversations:

      Bank chairmen: "Mr. Obama and Congress, give us billions of dollars of the Public's money, no strings attached."

      Politicians: "If we don't do this, your banks will close, the FDIC will go bankrupt, and we will have a terrible deflationary depression, is that right?"

      Bank chairmen: "You are correct. Billions of dollars, please. Hand 'em over."

      Politicians: "Well we must prevent a depression, but you don't exactly deserve billions of the Public's money. So here's the cash, but there will be strings attached..."

      Bank chairmen: "Whatever; thanks for the cash! PS: buy these defaulting mortgages from us too, please. At twice their real value. Good! Bye!" ... one year later ...

      Politicians: "Here are the strings we told you about..."

      Bank chairmen: "What? Regulation? Penalties? You radicals! We thought you were balanced centrists, not commies! After all our payouts, we still have a few billion of the Public's money left. If you try to force any penalties on us, that money will be used to make sure you never get elected again. Checkmate."

      Politicians: "Oh fuck--pwned."

      --
      A slashdotter who didn't build his own computer is like a Jedi who didn't build his own lightsaber.
  7. If at first you don't succeed.. by pacbowl · · Score: 5, Insightful

    If the First, Second and Third Awakening People's Army didn't rattle enough cages effectively, what makes them think the Fourth will prevail?

  8. Re:Who? Wha? Huh? by SOdhner · · Score: 4, Informative

    He's playing Robin Hood in a new movie that's not out yet.

  9. Hacker? Not really by hammeraxe · · Score: 4, Informative

    I think calling the guy a hacker is a bit over the top. Basically what he did was change the document id numbers in the URL. The information he was accessing was not secured in any sensible way: the login page could be bypassed by simply entering an address by hand. It's pretty much an epic fail of the company that made the system (unless the flaw was introduced intentionally for some reason). Source: http://translate.google.com/translate?js=y&prev=_t&hl=en&ie=UTF-8&layout=1&eotf=1&u=http%3A%2F%2Fwww.diena.lv%2Flat%2Fpolitics%2Fhot%2Fneo-no-4ata-mes-bijam-parsteigti-ka-mums-tik-ilgi-lava-datus-kopet&sl=auto&tl=en

    1. Re:Hacker? Not really by ACS+Solver · · Score: 4, Informative

      The BBC article doesn't entirely reflect the situation. I live in Latvia and do know better ;)

      The main thing they're not mentioning is the origin of that data. It wasn't just "downloaded" from the State Revenue Service via a hack or somesuch. This part has made headlines here - it turned out that the Revenue Service's internal system that contains information on all tax payers had no security, at all. You could view the confidential info by accessing an unsecured URL. And just by changing the entry id parameter in the URL, you could get to information about different tax payers, as the parent says. Any moron could get that data and apparently the "hackers"/whistleblowers in question downloaded it over the course of a couple months.

      Latvia is no US and of course the organizations here don't have the same kind of security experience that organizations from big countries. Still, this is an important governmental organization we're talking about and the security hole in question is blatant and obvious. As such, many here have doubts that it was accidental, it's quite possible that the Revenue Service was sabotaged.

      This Neo guy and his organization are apparently planning now to release information about the financial activities of a bunch of organizations, including governmental ones, as allegedly they believe it will help the society here, create more responsibility, etc. They have, banks aside, so far released information about the salaries of police and public transportation employees. The bank is a separate story really, it got bailed out when the recession hit hard here, and this bailout has in itself been a subject of much contention.

  10. Not a Hack by MrTripps · · Score: 4, Informative

    "The nation's security council discussed the breach and expressed concern that only 50 percent of the country's 175 state-run data systems have security oversight. President Valdis Zatlers called for immediate action to install proper security on all systems. Computer experts concluded that the breach did not constitute a cyber-attack and was the result of poorly developed software and systems management." http://www.kansascity.com/2010/02/24/1770170/cyber-whistleblower-stuns-latvia.html I'd hate to be that CIO.

    --
    "I'm not a quack, I'm a mad scientist! There's a difference." - Dr. Cockroach
  11. Correction to the story by karuna · · Score: 5, Informative

    The summary is completely wrong. The actual history in short is as follows: Latvian Neo claims that the anonymous group 4ATA has downloaded about 7.4 million tax statements from the Latvian tax authority website that is used by businesses to submit their tax declarations electronically. It was done over 3 months period before the IT department realized that something is wrong. The stolen data includes practically full information about salaries and payments received by employees of all Latvian public and private enterprises.

    4ATA is now periodically releasing the detailed pay information of certain public companies one at a time. He is careful to remove actual names of employees and for many this data seems trivial. But with this he is trying to prove that the claimed austerity measures undertaken by the government to fight the economic crisis is a big lie. However, the periodic release is annoying politicians who can't find a way to stop this leak.

    As for Neo walking the fine line, he downloaded the data without circumventing any security measures as he claims that the website was open to everyone. The hole was one specific URL normally used by an authorized user to review his own statements. Each document in the total database is assigned an ID number and by sequentially changing the ID number in the said URL, everyone could download the whole database as no authorization was checked by the script on the server. After some time the tax department notice irregularities and noticed the developer of the system but they were rather slow to fix the breach. When they finally managed to get the act together, Neo had already downloaded about 98% of the database.