Feeds

Pirate Bay Warg accused of hacking international police database

Danish cops and taxmen also raided

Choosing a cloud hosting partner with confidence

Pirate Bay co-founder Gottfrid Svartholm Warg has been named as a suspect in the hacking of a European database containing data about wanted criminal suspects and missing people.

According to Denmark's justice minister, two hackers are alleged to have accessed "some information" from the Schengen Information System, a controversial database which allows cops from 26 countries to share information. They are also accused of hacking into Denmark's police driving register, which contains personal identity numbers, and databases held by the Tax Authority and the Modernisation Agency.

A 20-year-old Danish man was detained on Wednesday in connection with the case but 28-year-old Warg is currently languishing in a Swedish prison ahead of a trial for what authorities previously described as the biggest hack in the country's history. He was arrested in Cambodia during September of last year at the request of Swedish police before being deported back to his home country.

Under Danish privacy laws, the police are not allowed to officially name the suspects. But speaking to the Associated Press, a government source was quoted as saying one of the suspects was the Pirate Bay old hand.

National police chief Jens Henrik Hoejbjerg said that about four million pieces of data were copied, but was not able to find any evidence that they had actually been used in any illegal manner. He reassured the Danish public, telling them that some hackers access sensitive data for financial gain, while others do it just to show they can. Sweden's Security and Intelligence Agency has now been tasked with making sure the country is safe from any further cyber attacks.

It has been widely reported that the databases were held on systems operated by CSC, a major American IT firm. The Register has contacted CSC's UK office to confirm this and we are currently awaiting a response.

Danish Justice Minister Morten Boedskov said: "This is a very serious hacking attack on Danish police registers."

"I can fully understand people who are worried about a security failure involving police registers, and I can fully understand those who want an answer as to whether the failure has any influence on their affairs,” he added.

Before appearing in a Danish court Warg will first face trial in Sweden, where police have claimed a group of hackers accessed the personal data of thousands of people held by IT firm Logica, by hacking into the firm's IBM mainframe, resulting in the online publication of 9,000 personal identity numbers. These hackers also tried to transfer large sums of money from accounts held by the the Nordea Bank, according to the police.

If Warg is found guilty in Sweden, he may have to serve his sentence before being deported to Denmark to face the next case, although the exact details of this have not been made clear.

Danish cops were first tipped off about the alleged hack attack when Swedish bobbies handed them a Danish IP address they uncovered during an investigation into the Logica incident. Danish police then realised their own databases had been attacked.

The unnamed Danish man has plead not guilty, while Warg has yet to enter a plea. The Danish suspect will be held for four weeks before facing trial.

The European Commission's website says the Schengen Information System is used by "border guards as well as by police, customs, visa and judicial authorities throughout the Schengen Area". Britain and Ireland are not part of the Schengen Area, which is the name for a bloc of nations that agreed to allow their citizens to freely travel by dropping passport and immigration controls at their borders. The site continues:

It holds information on persons who may have been involved in a serious crime or may not have the right to enter or stay in the EU. It also contains alerts on missing persons, in particular children, as well as information on certain property, such as banknotes, cars, vans, firearms and identity documents, that may have been stolen, misappropriated or lost. Information is entered into the SIS by national authorities and forwarded via the Central System to all Schengen States. The SIRENE Manual lays down the procedures for EU States' exchanges of supplementary information on alerts stored in SIS.

®

Internet Security Threat Report 2014

More from The Register

next story
FYI: OS X Yosemite's Spotlight tells Apple EVERYTHING you're looking for
It's on by default – didn't you read the small print?
Russian hackers exploit 'Sandworm' bug 'to spy on NATO, EU PCs'
Fix imminent from Microsoft for Vista, Server 2008, other stuff
Edward who? GCHQ boss dodges Snowden topic during last speech
UK spies would rather 'walk' than do 'mass surveillance'
Microsoft pulls another dodgy patch
Redmond makes a hash of hashing add-on
'LulzSec leader Aush0k' found to be naughty boy not worthy of jail
15 months home detention leaves egg on feds' faces as they grab for more power
China is ALREADY spying on Apple iCloud users, claims watchdog
Attack harvests users' info at iPhone 6 launch
Carders punch holes through Staples
Investigation launched into East Coast stores
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
Three 1TB solid state scorchers up for grabs
Big SSDs can be expensive but think big and think free because you could be the lucky winner of one of three 1TB Samsung SSD 840 EVO drives that we’re giving away worth over £300 apiece.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.