Monitor Says '5 Million' Georgians' Private Data Shared On Hacker Forum

An anonymous user on a hacker forum has shared the names and other personal data of millions of Georgian nationals, according to data-breach monitors and an IT-news website.

The database leak on March 28 comes roughly seven months before the South Caucasus country's next parliamentary elections, although it was said to have been originally shared to a "niche" hacker community nine years ago.

In addition to names, it includes addresses, ID numbers, birthdates, and mobile-phone numbers, according to ZDNet, a specialist IT news site.

Georgia's Interior Ministry said it is investigating the case.

Georgia's population is estimated at around 4 million people, but the database was said to have included the details of "4,934,863 Georgians."

The data included deceased citizens, ZDNet said.

It did not appear to have been updated since the original leak in 2011, according to Under The Breach, the data-breach-monitoring and -prevention service that discovered its weekend reappearance and tweeted about its existence.

There was no confirmation of the data's authenticity by Georgian authorities.

The Central Election Commission said it was not their data, which it said includes information on 3.5 million voters and has no deceased individuals. The commission also said it did not collect the names of individuals' fathers -- which reportedly appeared on the leaked list.

"The database got shared on a cybercrime forum, free of charge under the category of a 'leak', the actor who leaked it gave a download link to the actual database which contained the information about the Georgian people," Under The Breach told RFE/RL in a March 30 e-mail.

Under The Breach said they had not noticed the original leak "because it didn't surface to large hacking forums."

ZDNet reported that the user who put the 1.04-gigabyte file on the hacker forum claimed it was from an official voter-registration portal that was down at the time its article was being prepared.

"This is similar to a lot of Russian databases which aren't getting leaked in large forums but in small Russian hacking communities because the rest of the hacking community don't really care about their leaks, mostly because they can't monetize those databases," Under The Breach told RFE/RL.