{"id":47927,"date":"2019-07-12T12:52:37","date_gmt":"2019-07-12T09:52:37","guid":{"rendered":"https:\/\/bivol.bg\/?p=47927"},"modified":"2019-07-13T19:09:05","modified_gmt":"2019-07-13T17:09:05","slug":"for-3-years-white-hat-begs-data-protection-watchdog-to-stop-leaks-from-its-site","status":"publish","type":"post","link":"https:\/\/bivol.bg\/en\/for-3-years-white-hat-begs-data-protection-watchdog-to-stop-leaks-from-its-site.html","title":{"rendered":"For 3 Years White Hat \u2018Begs\u2019 Data Protection Watchdog to Stop Leaks from Its Site"},"content":{"rendered":"

The site of the Bulgarian Commission for Personal Data Protectio<\/a>n (CPDP) is vulnerable and gives access to the personal data of over 14,000 people who have sent complaints or questions to the Commission on various occasions. A “White Hat<\/a>” (an ethical computer hacker, or a computer security expert, who specializes in penetration testing and in other testing methodologies that ensures the security of an organization’s information systems) has established the leak.<\/p>\n

The expert has signaled the problem to the CPDP twice through the Commission\u2019s own system of alerts and complaints as early as 2016. They filed cases with incoming numbers but did not take any action to block the leaks. Ultimately, the “White Hat” turned to the media because of lack of any assistance on the part of the institutions. Our editorial office received the so-called Proof of Concept – a detailed description of the vulnerability and the steps that prove it.<\/p>\n

After we became aware of the problem and studied, we found that it is really serious and there is a theoretical and practical opportunity for access to phone numbers, emails and personal addresses of citizens. We sent this information to the CPDP on July 10. We pointed out the case numbers filed on the White Hat’s alerts: P-2372 \/ 01.04.2016 and P-3397 \/ 03.05.2016, as well as a link to one of the identified vulnerabilities. We asked if a security audit on the site had been ordered after these alerts, whether the problems had been identified and what steps had been taken to stop the access. So far, we have no response from the CPDP.<\/p>\n

The new cybersecurity law came into force in November 2018 and obliges the institutions to set up sectoral cybersecurity teams. In case of computer security breaches, the administrative bodies shall notify the sector response team within two hours after the incident has been detected, but only in incidents that have an impact on the continuity of their operations.<\/p>\n

Perhaps the CPDP does not react and ignores the information because the possibility of reaching the personal data of thousands of persons de facto does not stop its administrative activity and its internal information system, as well as the site. However, it compromises the role of the institution itself, which must also implement the very strict European regulation for the protection of personal data, GDPR.<\/p>\n

Wasting Money on White Hats<\/strong><\/p>\n

Under the new law, not only a number of sectoral teams, but also central cybersecurity teams keep popping up. In search of an institution to protect our personal data from the Commission for Personal Data Protection, we reached CERT Bulgaria<\/a>, the National Center for Incident Response in Information at the State Agency \u201ceGovernment\u201d. There is a breach-reporting link<\/a> on its site, but it does not work. The reason is probably that a public procurement contractor has not been selected yet to provide the Center\u2019s maintenance. The public tender<\/a> is worth EUR 366,083.84 without VAT in European funding and was announced at the end of June.<\/p>\n

Over the years, a lot of money has been spent on cybersecurity training. The main partner of the public administration and State institutions is the so-called International Cyber Investigation Training Academy, a nonprofit organization founded by leading experts in fighting cybercrime in 2009, as written on its website. It has a number of strategic partners, including financing of projects by the “America for Bulgaria<\/a>” Foundation and the European Good Governance<\/a> program. In addition to training, the Academy also offers \u201cwhite hat\u201d services – tests of information security breaches, audits, consultations, cyber expertise, and so on.<\/p>\n

A partner of this Academy is the Bulgarian Cyber Center for Competence for Training and Research (B2CENTRE). It includes the Centre for Cybersecurity & Cybercrime Investigation at University College Dublin, the 2CENTRE (European Network of Cybercrime Centres of Excellence Network for Training Research and Education<\/a>), the Main Directorate for Combatting Organized Crime (GDBOP) at the Bulgarian Ministry of Interior, the International Agency for Combatting Crime and Security Policies, Microsoft Bulgaria, the EMC Security Division – RSA and the Department of Computer Systems and Management at the Sofia Technical University. B2CENTRE absorbs European money under the Program for the Prevention of and Fight against Crime (ISEC) and has produced two reports: “Survey on Assessing the Need to Establish an Early Response System for Cybercrime<\/a>” and “Concept and Strategy for Developing an Early Response System for Cybercrime<\/a>“.<\/p>\n

If one reads these \u201cfundamental\u201d documents in their entirety, one will see a link to the B2CENTRE\u2019s website. Do not open it because it leads to a Malaysian site full of unsolicited ads. The same happens if one clicks on the B2Centre link on the CERT Bulgaria site menu. This is because the payment for the domain has not been renewed and it has been acquired by others.<\/p>\n

We have a true paradox – a cybersecurity project becomes dangerous for one\u2019s cybersecurity. The case is a good illustration of the campaign character of initiatives in this and other areas. The project was implemented from 2013 to 2015, the money has been spent, the reports written, then no one took care of the site’s security and maintenance, and there was not even anyone to remove the link to the domain that no longer has anything to do with its original purpose.<\/p>\n

Blunder after blunder and no one is guilty<\/strong><\/p>\n

The B2Centre reports, however, contain some useful information. For example, from the Early Response Survey, we learn that “most respondents believe that the acceptable response time between the start and the discovery of the cyber threat is between 30 minutes and two hours. Seven of the polled organizations say that the reaction should be up to ten minutes, and nine – from ten to 30 minutes.”<\/p>\n

The CPDP obviously does not think so because it did not respond to our signal for 24 hours. On Thursday, July 12, however, we were able to contact CERT.BG to report the breach. We asked to do this via a secure channel and exchange keys for encrypted communication. Once the Center successfully overcame the Cyrillic alphabet in the encrypted messages, it apparently managed to understand the nature of the problem. On Friday, we received a confirmation that the reported breach has been registered under number 6,691.<\/p>\n

In response to our question, CERT said that to date an “audit of the CPDP’s website and its information systems has not been carried out”, as “the execution of inspections of the state of the information systems of the administrative bodies is carried out according to pre-established schedules”. For now, the CPDP has not been scheduled for an audit.<\/p>\n

Two years ago, our media also reported a serious cybersecurity breach<\/a> on a website of the Ministry of Education. At that time, there was open access to the personal data of 1.2 million Bulgarian schoolchildren \u2013 full names, age, current and permanent address. The Ministry then denied that there was a problem, but reacted quickly, closed the site and restricted access to the data once they had received the alert. It also approached the Prosecutor\u2019s Office, but so far, it is not known whether it has found the guilty party.<\/p>\n

We are not noticing a similar speedy reaction to the current breach. CERT has assured us that “there is established communication with people in charge of network and information security and the necessary action is taken to address the problem”. However, by the time of this publication, the problem with the link to the Malaysian ads remained on the CPDP site and the vulnerability has not been eliminated.<\/p>\n

The good news is that the institutions tasked with safeguarding personal data and watching for the cybersecurity of the nation have established communication among themselves.<\/p>\n","protected":false},"excerpt":{"rendered":"

The site of the Bulgarian Commission for Personal Data Protection (CPDP) is vulnerable and gives access to the personal data of over 14,000 people who have sent complaints or questions…<\/p>\n","protected":false},"author":16850,"featured_media":47912,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"give_campaign_id":0,"_crdt_document":"","_relevanssi_hide_post":"","_relevanssi_hide_content":"","_relevanssi_pin_for_all":"","_relevanssi_pin_keywords":"","_relevanssi_unpin_keywords":"","_relevanssi_related_keywords":"","_relevanssi_related_include_ids":"","_relevanssi_related_exclude_ids":"","_relevanssi_related_no_append":"","_relevanssi_related_not_related":"","_relevanssi_related_posts":"","_relevanssi_noindex_reason":"","rop_custom_images_group":[],"rop_custom_messages_group":[],"rop_publish_now":"initial","rop_publish_now_accounts":[],"rop_publish_now_history":[],"rop_publish_now_status":"pending","kia_subtitle":"","_lmt_disableupdate":"","_lmt_disable":"","_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2},"_wpas_customize_per_network":false,"jetpack_post_was_ever_published":false},"categories":[5542,5806],"tags":[9586,9076,9585,9077],"class_list":["post-47927","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-investigations-en","category-leading-en","tag-cert-en","tag-cpdp","tag-cybersecurity","tag-personal-data"],"yoast_head":"\nFor 3 Years White Hat \u2018Begs\u2019 Data Protection Watchdog to Stop Leaks from Its Site - Bivol!<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/bivol.bg\/en\/for-3-years-white-hat-begs-data-protection-watchdog-to-stop-leaks-from-its-site.html\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"For 3 Years White Hat \u2018Begs\u2019 Data Protection Watchdog to Stop Leaks from Its Site\" \/>\n<meta property=\"og:description\" content=\"The site of the Bulgarian Commission for Personal Data Protection (CPDP) is vulnerable and gives access to the personal data of over 14,000 people who have sent complaints or questions…\" \/>\n<meta property=\"og:url\" content=\"https:\/\/bivol.bg\/en\/for-3-years-white-hat-begs-data-protection-watchdog-to-stop-leaks-from-its-site.html\" \/>\n<meta property=\"og:site_name\" content=\"Bivol!\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/bivolnews\/\" \/>\n<meta property=\"article:published_time\" content=\"2019-07-12T09:52:37+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2019-07-13T17:09:05+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/bivol.bg\/wp-content\/uploads\/2019\/07\/cert-adress.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1607\" \/>\n\t<meta property=\"og:image:height\" content=\"1011\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"\u0410\u0442\u0430\u043d\u0430\u0441 \u0427\u043e\u0431\u0430\u043d\u043e\u0432\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Atanas Tchobanov\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/bivol.bg\\\/en\\\/for-3-years-white-hat-begs-data-protection-watchdog-to-stop-leaks-from-its-site.html#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/bivol.bg\\\/en\\\/for-3-years-white-hat-begs-data-protection-watchdog-to-stop-leaks-from-its-site.html\"},\"author\":{\"name\":\"\u0410\u0442\u0430\u043d\u0430\u0441 \u0427\u043e\u0431\u0430\u043d\u043e\u0432\",\"@id\":\"https:\\\/\\\/bivol.bg\\\/en#\\\/schema\\\/person\\\/96ae983c45d31588a3837e2eca41ae4f\"},\"headline\":\"For 3 Years White Hat \u2018Begs\u2019 Data Protection Watchdog to Stop Leaks from Its Site\",\"datePublished\":\"2019-07-12T09:52:37+00:00\",\"dateModified\":\"2019-07-13T17:09:05+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/bivol.bg\\\/en\\\/for-3-years-white-hat-begs-data-protection-watchdog-to-stop-leaks-from-its-site.html\"},\"wordCount\":1291,\"image\":{\"@id\":\"https:\\\/\\\/bivol.bg\\\/en\\\/for-3-years-white-hat-begs-data-protection-watchdog-to-stop-leaks-from-its-site.html#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/bivol.bg\\\/wp-content\\\/uploads\\\/2019\\\/07\\\/cert-adress.png\",\"keywords\":[\"CERT\",\"CPDP\",\"Cybersecurity\",\"Personal Data\"],\"articleSection\":[\"Investigations\",\"Leading\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/bivol.bg\\\/en\\\/for-3-years-white-hat-begs-data-protection-watchdog-to-stop-leaks-from-its-site.html\",\"url\":\"https:\\\/\\\/bivol.bg\\\/en\\\/for-3-years-white-hat-begs-data-protection-watchdog-to-stop-leaks-from-its-site.html\",\"name\":\"For 3 Years White Hat \u2018Begs\u2019 Data Protection Watchdog to Stop Leaks from Its Site - Bivol!\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/bivol.bg\\\/en#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/bivol.bg\\\/en\\\/for-3-years-white-hat-begs-data-protection-watchdog-to-stop-leaks-from-its-site.html#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/bivol.bg\\\/en\\\/for-3-years-white-hat-begs-data-protection-watchdog-to-stop-leaks-from-its-site.html#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/bivol.bg\\\/wp-content\\\/uploads\\\/2019\\\/07\\\/cert-adress.png\",\"datePublished\":\"2019-07-12T09:52:37+00:00\",\"dateModified\":\"2019-07-13T17:09:05+00:00\",\"author\":{\"@id\":\"https:\\\/\\\/bivol.bg\\\/en#\\\/schema\\\/person\\\/96ae983c45d31588a3837e2eca41ae4f\"},\"breadcrumb\":{\"@id\":\"https:\\\/\\\/bivol.bg\\\/en\\\/for-3-years-white-hat-begs-data-protection-watchdog-to-stop-leaks-from-its-site.html#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/bivol.bg\\\/en\\\/for-3-years-white-hat-begs-data-protection-watchdog-to-stop-leaks-from-its-site.html\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/bivol.bg\\\/en\\\/for-3-years-white-hat-begs-data-protection-watchdog-to-stop-leaks-from-its-site.html#primaryimage\",\"url\":\"https:\\\/\\\/bivol.bg\\\/wp-content\\\/uploads\\\/2019\\\/07\\\/cert-adress.png\",\"contentUrl\":\"https:\\\/\\\/bivol.bg\\\/wp-content\\\/uploads\\\/2019\\\/07\\\/cert-adress.png\",\"width\":1607,\"height\":1011},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/bivol.bg\\\/en\\\/for-3-years-white-hat-begs-data-protection-watchdog-to-stop-leaks-from-its-site.html#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"\u041d\u0430\u0447\u0430\u043b\u043e\",\"item\":\"https:\\\/\\\/bivol.bg\\\/en\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"For 3 Years White Hat \u2018Begs\u2019 Data Protection Watchdog to Stop Leaks from Its Site\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/bivol.bg\\\/en#website\",\"url\":\"https:\\\/\\\/bivol.bg\\\/en\",\"name\":\"Bivol!\",\"description\":\" Mind the horns!\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/bivol.bg\\\/en?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/bivol.bg\\\/en#\\\/schema\\\/person\\\/96ae983c45d31588a3837e2eca41ae4f\",\"name\":\"\u0410\u0442\u0430\u043d\u0430\u0441 \u0427\u043e\u0431\u0430\u043d\u043e\u0432\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/1628586a251f88639720d1ebeace8349bb04bc6baf25942ea3baa5e30711660c?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/1628586a251f88639720d1ebeace8349bb04bc6baf25942ea3baa5e30711660c?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/1628586a251f88639720d1ebeace8349bb04bc6baf25942ea3baa5e30711660c?s=96&d=mm&r=g\",\"caption\":\"\u0410\u0442\u0430\u043d\u0430\u0441 \u0427\u043e\u0431\u0430\u043d\u043e\u0432\"},\"url\":\"https:\\\/\\\/bivol.bg\\\/en\\\/author\\\/atanas\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"For 3 Years White Hat \u2018Begs\u2019 Data Protection Watchdog to Stop Leaks from Its Site - Bivol!","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/bivol.bg\/en\/for-3-years-white-hat-begs-data-protection-watchdog-to-stop-leaks-from-its-site.html","og_locale":"en_US","og_type":"article","og_title":"For 3 Years White Hat \u2018Begs\u2019 Data Protection Watchdog to Stop Leaks from Its Site","og_description":"The site of the Bulgarian Commission for Personal Data Protection (CPDP) is vulnerable and gives access to the personal data of over 14,000 people who have sent complaints or questions…","og_url":"https:\/\/bivol.bg\/en\/for-3-years-white-hat-begs-data-protection-watchdog-to-stop-leaks-from-its-site.html","og_site_name":"Bivol!","article_publisher":"https:\/\/www.facebook.com\/bivolnews\/","article_published_time":"2019-07-12T09:52:37+00:00","article_modified_time":"2019-07-13T17:09:05+00:00","og_image":[{"width":1607,"height":1011,"url":"https:\/\/bivol.bg\/wp-content\/uploads\/2019\/07\/cert-adress.png","type":"image\/png"}],"author":"\u0410\u0442\u0430\u043d\u0430\u0441 \u0427\u043e\u0431\u0430\u043d\u043e\u0432","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Atanas Tchobanov","Est. reading time":"6 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/bivol.bg\/en\/for-3-years-white-hat-begs-data-protection-watchdog-to-stop-leaks-from-its-site.html#article","isPartOf":{"@id":"https:\/\/bivol.bg\/en\/for-3-years-white-hat-begs-data-protection-watchdog-to-stop-leaks-from-its-site.html"},"author":{"name":"\u0410\u0442\u0430\u043d\u0430\u0441 \u0427\u043e\u0431\u0430\u043d\u043e\u0432","@id":"https:\/\/bivol.bg\/en#\/schema\/person\/96ae983c45d31588a3837e2eca41ae4f"},"headline":"For 3 Years White Hat \u2018Begs\u2019 Data Protection Watchdog to Stop Leaks from Its Site","datePublished":"2019-07-12T09:52:37+00:00","dateModified":"2019-07-13T17:09:05+00:00","mainEntityOfPage":{"@id":"https:\/\/bivol.bg\/en\/for-3-years-white-hat-begs-data-protection-watchdog-to-stop-leaks-from-its-site.html"},"wordCount":1291,"image":{"@id":"https:\/\/bivol.bg\/en\/for-3-years-white-hat-begs-data-protection-watchdog-to-stop-leaks-from-its-site.html#primaryimage"},"thumbnailUrl":"https:\/\/bivol.bg\/wp-content\/uploads\/2019\/07\/cert-adress.png","keywords":["CERT","CPDP","Cybersecurity","Personal Data"],"articleSection":["Investigations","Leading"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/bivol.bg\/en\/for-3-years-white-hat-begs-data-protection-watchdog-to-stop-leaks-from-its-site.html","url":"https:\/\/bivol.bg\/en\/for-3-years-white-hat-begs-data-protection-watchdog-to-stop-leaks-from-its-site.html","name":"For 3 Years White Hat \u2018Begs\u2019 Data Protection Watchdog to Stop Leaks from Its Site - Bivol!","isPartOf":{"@id":"https:\/\/bivol.bg\/en#website"},"primaryImageOfPage":{"@id":"https:\/\/bivol.bg\/en\/for-3-years-white-hat-begs-data-protection-watchdog-to-stop-leaks-from-its-site.html#primaryimage"},"image":{"@id":"https:\/\/bivol.bg\/en\/for-3-years-white-hat-begs-data-protection-watchdog-to-stop-leaks-from-its-site.html#primaryimage"},"thumbnailUrl":"https:\/\/bivol.bg\/wp-content\/uploads\/2019\/07\/cert-adress.png","datePublished":"2019-07-12T09:52:37+00:00","dateModified":"2019-07-13T17:09:05+00:00","author":{"@id":"https:\/\/bivol.bg\/en#\/schema\/person\/96ae983c45d31588a3837e2eca41ae4f"},"breadcrumb":{"@id":"https:\/\/bivol.bg\/en\/for-3-years-white-hat-begs-data-protection-watchdog-to-stop-leaks-from-its-site.html#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/bivol.bg\/en\/for-3-years-white-hat-begs-data-protection-watchdog-to-stop-leaks-from-its-site.html"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/bivol.bg\/en\/for-3-years-white-hat-begs-data-protection-watchdog-to-stop-leaks-from-its-site.html#primaryimage","url":"https:\/\/bivol.bg\/wp-content\/uploads\/2019\/07\/cert-adress.png","contentUrl":"https:\/\/bivol.bg\/wp-content\/uploads\/2019\/07\/cert-adress.png","width":1607,"height":1011},{"@type":"BreadcrumbList","@id":"https:\/\/bivol.bg\/en\/for-3-years-white-hat-begs-data-protection-watchdog-to-stop-leaks-from-its-site.html#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"\u041d\u0430\u0447\u0430\u043b\u043e","item":"https:\/\/bivol.bg\/en"},{"@type":"ListItem","position":2,"name":"For 3 Years White Hat \u2018Begs\u2019 Data Protection Watchdog to Stop Leaks from Its Site"}]},{"@type":"WebSite","@id":"https:\/\/bivol.bg\/en#website","url":"https:\/\/bivol.bg\/en","name":"Bivol!","description":" Mind the horns!","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/bivol.bg\/en?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/bivol.bg\/en#\/schema\/person\/96ae983c45d31588a3837e2eca41ae4f","name":"\u0410\u0442\u0430\u043d\u0430\u0441 \u0427\u043e\u0431\u0430\u043d\u043e\u0432","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/1628586a251f88639720d1ebeace8349bb04bc6baf25942ea3baa5e30711660c?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/1628586a251f88639720d1ebeace8349bb04bc6baf25942ea3baa5e30711660c?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/1628586a251f88639720d1ebeace8349bb04bc6baf25942ea3baa5e30711660c?s=96&d=mm&r=g","caption":"\u0410\u0442\u0430\u043d\u0430\u0441 \u0427\u043e\u0431\u0430\u043d\u043e\u0432"},"url":"https:\/\/bivol.bg\/en\/author\/atanas"}]}},"jetpack_publicize_connections":[],"jetpack_featured_media_url":"https:\/\/bivol.bg\/wp-content\/uploads\/2019\/07\/cert-adress.png","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/peFaG8-ct1","jetpack_likes_enabled":true,"jetpack-related-posts":[{"id":116882,"url":"https:\/\/bivol.bg\/en\/tulsi-gabbard-pierre-louvrier.html","url_meta":{"origin":47927,"position":0},"title":"Tulsi Gabbard is questioned in the Senate about Pierre Louvrier’s Russian connections","author":"\u0415\u043a\u0438\u043f \u043d\u0430 \u0411\u0438\u0432\u043e\u043b\u044a","date":"3 February 2025","format":false,"excerpt":"The Trump-nominated head of the U.S. National Intelligence, Tulsi Gabbard, had a difficult moment during her Senate hearing, where she was asked about an affair involving the well-known Belgian businessman Pierre Louvrier. As revealed by The New York Times, last year she traveled to Rome for an event at the\u2026","rel":"","context":"In "Investigations"","block_context":{"text":"Investigations","link":"https:\/\/bivol.bg\/en\/category\/investigations-en"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/bivol.bg\/wp-content\/uploads\/2025\/02\/louvrier-gabbard.jpg?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/bivol.bg\/wp-content\/uploads\/2025\/02\/louvrier-gabbard.jpg?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/bivol.bg\/wp-content\/uploads\/2025\/02\/louvrier-gabbard.jpg?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/bivol.bg\/wp-content\/uploads\/2025\/02\/louvrier-gabbard.jpg?resize=700%2C400&ssl=1 2x, https:\/\/i0.wp.com\/bivol.bg\/wp-content\/uploads\/2025\/02\/louvrier-gabbard.jpg?resize=1050%2C600&ssl=1 3x"},"classes":[]},{"id":103336,"url":"https:\/\/bivol.bg\/en\/update-hal-billion-social-ministry.html","url_meta":{"origin":47927,"position":1},"title":"UPDATE: OVER 0.5 BLN BGN OF EU FUNDS EMBEZZLED THROUGH SOCIAL MINISTRY","author":"\u041d\u0438\u043a\u043e\u043b\u0430\u0439 \u041c\u0430\u0440\u0447\u0435\u043d\u043a\u043e","date":"30 March 2023","format":false,"excerpt":"Financial abuse valued at a couple hundred million euro have been exposed at the Ministry of Labour and Social Policy. The embezzlement is primarily tied to funds from different European Union programs awarded under the law for public procurement. The procedures, however, were conducted in gross violation of the law.\u2026","rel":"","context":"In "Investigations"","block_context":{"text":"Investigations","link":"https:\/\/bivol.bg\/en\/category\/investigations-en"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/bivol.bg\/wp-content\/uploads\/2023\/03\/%D0%A1%D0%BD%D0%B8%D0%BC%D0%BE%D0%BA-%D1%8D%D0%BA%D1%80%D0%B0%D0%BD%D0%B0-2023-03-30-%D0%B2-17.40.52.png?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/bivol.bg\/wp-content\/uploads\/2023\/03\/%D0%A1%D0%BD%D0%B8%D0%BC%D0%BE%D0%BA-%D1%8D%D0%BA%D1%80%D0%B0%D0%BD%D0%B0-2023-03-30-%D0%B2-17.40.52.png?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/bivol.bg\/wp-content\/uploads\/2023\/03\/%D0%A1%D0%BD%D0%B8%D0%BC%D0%BE%D0%BA-%D1%8D%D0%BA%D1%80%D0%B0%D0%BD%D0%B0-2023-03-30-%D0%B2-17.40.52.png?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/bivol.bg\/wp-content\/uploads\/2023\/03\/%D0%A1%D0%BD%D0%B8%D0%BC%D0%BE%D0%BA-%D1%8D%D0%BA%D1%80%D0%B0%D0%BD%D0%B0-2023-03-30-%D0%B2-17.40.52.png?resize=700%2C400&ssl=1 2x, https:\/\/i0.wp.com\/bivol.bg\/wp-content\/uploads\/2023\/03\/%D0%A1%D0%BD%D0%B8%D0%BC%D0%BE%D0%BA-%D1%8D%D0%BA%D1%80%D0%B0%D0%BD%D0%B0-2023-03-30-%D0%B2-17.40.52.png?resize=1050%2C600&ssl=1 3x, https:\/\/i0.wp.com\/bivol.bg\/wp-content\/uploads\/2023\/03\/%D0%A1%D0%BD%D0%B8%D0%BC%D0%BE%D0%BA-%D1%8D%D0%BA%D1%80%D0%B0%D0%BD%D0%B0-2023-03-30-%D0%B2-17.40.52.png?resize=1400%2C800&ssl=1 4x"},"classes":[]},{"id":48099,"url":"https:\/\/bivol.bg\/en\/bulgarian-commercial-registry-fixes-serious-personal-data-leak.html","url_meta":{"origin":47927,"position":2},"title":"Bulgarian Commercial Registry Fixes Serious Personal Data Leak","author":"Atanas Tchobanov","date":"30 July 2019","format":false,"excerpt":"Tens of thousands of Personal Identification Numbers (PIN \u2013 in Bulgarian EGN \u2013 similar to a social security number) and ID card numbers were available until yesterday (July 29) through Google's search engine because of a misconfiguration of the server maintained by the Bulgarian Registry Agency. To obtain them, it\u2026","rel":"","context":"In "Leading"","block_context":{"text":"Leading","link":"https:\/\/bivol.bg\/en\/category\/leading-en"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/bivol.bg\/wp-content\/uploads\/2018\/06\/registry-agency.png?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/bivol.bg\/wp-content\/uploads\/2018\/06\/registry-agency.png?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/bivol.bg\/wp-content\/uploads\/2018\/06\/registry-agency.png?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/bivol.bg\/wp-content\/uploads\/2018\/06\/registry-agency.png?resize=700%2C400&ssl=1 2x"},"classes":[]},{"id":35440,"url":"https:\/\/bivol.bg\/en\/files-commission-curtain-is-lifted-but-not-quite.html","url_meta":{"origin":47927,"position":3},"title":"Files Commission \u201cCurtain Is Lifted\u201d But Not Quite","author":"\u0415\u043a\u0438\u043f \u043d\u0430 \u0411\u0438\u0432\u043e\u043b\u044a","date":"12 October 2017","format":false,"excerpt":"\"The curtain is lifted\", announces on its homepage the site of the so-called Files Commission in charge of investigating the Communist-era secret services records. There you can also find a list of the probed people with possibilities to conduct a search. It is logical to expect reliable and up-to-date information\u2026","rel":"","context":"In "Investigations"","block_context":{"text":"Investigations","link":"https:\/\/bivol.bg\/en\/category\/investigations-en"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/bivol.bg\/wp-content\/uploads\/2017\/10\/comdos.jpg?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/bivol.bg\/wp-content\/uploads\/2017\/10\/comdos.jpg?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/bivol.bg\/wp-content\/uploads\/2017\/10\/comdos.jpg?resize=525%2C300&ssl=1 1.5x"},"classes":[]},{"id":45093,"url":"https:\/\/bivol.bg\/en\/bivol-wins-key-gdpr-case.html","url_meta":{"origin":47927,"position":4},"title":"Bivol Wins Key GDPR Case","author":"\u0415\u043a\u0438\u043f \u043d\u0430 \u0411\u0438\u0432\u043e\u043b\u044a","date":"28 January 2019","format":false,"excerpt":"The Bulgarian Commission for Personal Data Protection (CPDP) has rejected a citizen's claim against Bivol for the disclosure of personal data, filed under Regulation 2016\/679 or the GDPR, shows the decision in administrative case PPP-01-126\/October 30, 2017 of the CPDP. It was published on December 3, 2018, but we give\u2026","rel":"","context":"In "Leading"","block_context":{"text":"Leading","link":"https:\/\/bivol.bg\/en\/category\/leading-en"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/bivol.bg\/wp-content\/uploads\/2019\/01\/gdpr.jpg?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/bivol.bg\/wp-content\/uploads\/2019\/01\/gdpr.jpg?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/bivol.bg\/wp-content\/uploads\/2019\/01\/gdpr.jpg?resize=525%2C300&ssl=1 1.5x"},"classes":[]},{"id":27879,"url":"https:\/\/bivol.bg\/en\/russia-is-testing-cyber-war-software-made-by-bulgarian-company.html","url_meta":{"origin":47927,"position":5},"title":"Russia Is Testing Cyber-War Software Made by Bulgarian Company","author":"\u0415\u043a\u0438\u043f \u043d\u0430 \u0411\u0438\u0432\u043e\u043b\u044a","date":"5 September 2015","format":false,"excerpt":"The Chief of Communications of the Russian State Corporation, \u201cRostec\u201d, Vasily Brovko has been at a meeting in Sofia with the company Packets Technologies, during which the software for DDOS attacks has been demonstrated. The capabilities of the system have been tested against Ukrainian opposition and media sites. \"Rostec\" and\u2026","rel":"","context":"In "Investigations"","block_context":{"text":"Investigations","link":"https:\/\/bivol.bg\/en\/category\/investigations-en"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/bivol.bg\/wp-content\/uploads\/2015\/09\/dannye.jpg?resize=350%2C200&ssl=1","width":350,"height":200},"classes":[]}],"_links":{"self":[{"href":"https:\/\/bivol.bg\/en\/wp-json\/wp\/v2\/posts\/47927","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/bivol.bg\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/bivol.bg\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/bivol.bg\/en\/wp-json\/wp\/v2\/users\/16850"}],"replies":[{"embeddable":true,"href":"https:\/\/bivol.bg\/en\/wp-json\/wp\/v2\/comments?post=47927"}],"version-history":[{"count":0,"href":"https:\/\/bivol.bg\/en\/wp-json\/wp\/v2\/posts\/47927\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/bivol.bg\/en\/wp-json\/wp\/v2\/media\/47912"}],"wp:attachment":[{"href":"https:\/\/bivol.bg\/en\/wp-json\/wp\/v2\/media?parent=47927"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/bivol.bg\/en\/wp-json\/wp\/v2\/categories?post=47927"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/bivol.bg\/en\/wp-json\/wp\/v2\/tags?post=47927"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}