Feeds

Pirate Bay Warg accused of hacking international police database

Danish cops and taxmen also raided

Providing a secure and efficient Helpdesk

Pirate Bay co-founder Gottfrid Svartholm Warg has been named as a suspect in the hacking of a European database containing data about wanted criminal suspects and missing people.

According to Denmark's justice minister, two hackers are alleged to have accessed "some information" from the Schengen Information System, a controversial database which allows cops from 26 countries to share information. They are also accused of hacking into Denmark's police driving register, which contains personal identity numbers, and databases held by the Tax Authority and the Modernisation Agency.

A 20-year-old Danish man was detained on Wednesday in connection with the case but 28-year-old Warg is currently languishing in a Swedish prison ahead of a trial for what authorities previously described as the biggest hack in the country's history. He was arrested in Cambodia during September of last year at the request of Swedish police before being deported back to his home country.

Under Danish privacy laws, the police are not allowed to officially name the suspects. But speaking to the Associated Press, a government source was quoted as saying one of the suspects was the Pirate Bay old hand.

National police chief Jens Henrik Hoejbjerg said that about four million pieces of data were copied, but was not able to find any evidence that they had actually been used in any illegal manner. He reassured the Danish public, telling them that some hackers access sensitive data for financial gain, while others do it just to show they can. Sweden's Security and Intelligence Agency has now been tasked with making sure the country is safe from any further cyber attacks.

It has been widely reported that the databases were held on systems operated by CSC, a major American IT firm. The Register has contacted CSC's UK office to confirm this and we are currently awaiting a response.

Danish Justice Minister Morten Boedskov said: "This is a very serious hacking attack on Danish police registers."

"I can fully understand people who are worried about a security failure involving police registers, and I can fully understand those who want an answer as to whether the failure has any influence on their affairs,” he added.

Before appearing in a Danish court Warg will first face trial in Sweden, where police have claimed a group of hackers accessed the personal data of thousands of people held by IT firm Logica, by hacking into the firm's IBM mainframe, resulting in the online publication of 9,000 personal identity numbers. These hackers also tried to transfer large sums of money from accounts held by the the Nordea Bank, according to the police.

If Warg is found guilty in Sweden, he may have to serve his sentence before being deported to Denmark to face the next case, although the exact details of this have not been made clear.

Danish cops were first tipped off about the alleged hack attack when Swedish bobbies handed them a Danish IP address they uncovered during an investigation into the Logica incident. Danish police then realised their own databases had been attacked.

The unnamed Danish man has plead not guilty, while Warg has yet to enter a plea. The Danish suspect will be held for four weeks before facing trial.

The European Commission's website says the Schengen Information System is used by "border guards as well as by police, customs, visa and judicial authorities throughout the Schengen Area". Britain and Ireland are not part of the Schengen Area, which is the name for a bloc of nations that agreed to allow their citizens to freely travel by dropping passport and immigration controls at their borders. The site continues:

It holds information on persons who may have been involved in a serious crime or may not have the right to enter or stay in the EU. It also contains alerts on missing persons, in particular children, as well as information on certain property, such as banknotes, cars, vans, firearms and identity documents, that may have been stolen, misappropriated or lost. Information is entered into the SIS by national authorities and forwarded via the Central System to all Schengen States. The SIRENE Manual lays down the procedures for EU States' exchanges of supplementary information on alerts stored in SIS.

®

New hybrid storage solutions

More from The Register

next story
Apple Pay is a tidy payday for Apple with 0.15% cut, sources say
Cupertino slurps 15 cents from every $100 purchase
Google recommends pronounceable passwords
Super Chrome goes into battle with Mr Mxyzptlk
Infosec geniuses hack a Canon PRINTER and install DOOM
Internet of Stuff securo-cockups strike yet again
Reddit wipes clean leaked celeb nudie pics, tells users to zip it
Now we've had all THAT TRAFFIC, we 'deplore' this theft
YouTube, Amazon and Yahoo! caught in malvertising mess
Cisco says 'Kyle and Stan' attack is spreading through compromised ad networks
TorrentLocker unpicked: Crypto coding shocker defeats extortionists
Lousy XOR opens door into which victims can shove a foot
Greater dev access to iOS 8 will put us AT RISK from HACKERS
Knocking holes in Apple's walled garden could backfire, says securo-chap
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
Top 5 reasons to deploy VMware with Tegile
Data demand and the rise of virtualization is challenging IT teams to deliver storage performance, scalability and capacity that can keep up, while maximizing efficiency.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.