-
An online threat monitoring service revealed that a hacker named vvvv, working with the INF GRUPA collective, is distributing a stolen dataset from the Vladars.rs state portal in Bosnia and Herzegovina.
-
The hacker claims the breach exposes 51,173 records and is offering the information for free, alongside a published sample to prove the authenticity of the files.
-
The leaked database contains highly sensitive personal details, including full names, home addresses, phone numbers, cities, and national identification numbers like JMBG and JIB.
A major security incident has put a spotlight on government digital safety after online criminals targeted a primary European state portal. A prominent cyber threat tracking service noticed that an internet actor, going by the name vvvv, is actively sharing a stolen dataset across the dark web. The perpetrator launched this data release under the banner of an illegal hacking network known as INF GRUPA.
According to reports from data security monitors, the group claims that the massive haul of files came directly from Vladars.rs which serves as the official digital hub for the Government of Republika Srpska within Bosnia and Herzegovina.
This alarming incident shows that international threat groups are aggressively targeting official public administration websites. Instead of asking for a cash payment or a digital currency ransom to keep the information hidden, the group decided to distribute the database directly to other online criminals.
Security analysts state that when state files filter into underground marketplaces, it creates long-term safety issues for both the government and the ordinary people living in that territory.
The Exact Scope and Scale of the Exposed Information
The threat actor claims that the stolen dataset exposes exactly 51,173 individual records belonging to people in the region. To prove the validity of the intrusion, the hacker posted an open sample of the stolen files for anyone to review.
Security researchers who analyzed the leak verified that the package contains highly sensitive personal tracking details. The leaked files include full first and last names, specific residential cities, active telephone numbers, and physical home addresses.
More alarmingly, the repository also includes unique personal identification numbers, known locally as JMBG and JIB details. Cybersecurity researchers explain that these identification numbers form the backbone of a citizen’s legal identity.
Unlike a basic password, individuals cannot easily modify their government identification codes after a leak occurs. The intruder is currently offering the entire collection of files completely for free, which means any bad actor on the dark web can download the materials instantly.
The widespread availability of this information shows why public organizations must protect their portals. The Cybersecurity and Infrastructure Security Agency regularly urges public organizations to upgrade their software defenses to stop automated bots from pulling data from their servers. Leaving digital doors unlocked makes it far too simple for global syndicates to harvest private information without facing any resistance.
The Serious Risks of Free Data Distribution
When an illegal group shares a government registry without charging any money, the threat to regular everyday users jumps significantly. Other criminal syndicates regularly download these free bundles to fuel widespread identity theft and specialized fraud campaigns.
For example, scammers can take your phone number, name, and national identification metrics to design highly deceptive scams that mimic official tax notices or banking requests.
Because the data is public on criminal forums, identity thieves can also try to open fraudulent lines of credit or access local municipal services in a victim’s name. Many people fail to monitor their regional credit profiles, meaning they might only notice the damage months down the line.
The risks are similar for victims of other government portal breaches. A fake Bangladeshi government portal leaked passports and documents, showing how these attacks unfold across different countries.
Because identity theft continues to rise following these incidents, consumer protection groups constantly remind the public to update their login passwords regularly. Also, they advise everyone to monitor their bank statements for any weird transactions that might show an unauthorized person is using their identity.
Necessary Safeguards to Secure Public Networks
Government agencies can no longer rely on simple software tools to keep out advanced threat groups. To stop hackers from scraping valuable data packages, technology teams need to implement strict downloading limits on their portals.
These filters ensure that a single computer user cannot download thousands of documents or files within a few minutes without triggering an automatic lockout.
Additionally, organizations must split their central networks into separate, isolated compartments. This strategy ensures that even if an attacker manages to compromise a front-facing website, they cannot easily move deeper into the main server rooms where highly confidential records are stored.
