Lithuanians will be able to check whether their personal data was among the 600,000 records stolen from the country's Centre of Registers, the agency's newly appointed acting director has said.
Giedrius Čininas, who took over after his predecessor resigned on Monday, told a press conference that the agency planned to make a dedicated tool available through its self-service portal by Tuesday morning.
"First and foremost, we plan to properly inform people and provide them with a clear and secure tool to check whether their personal data was taken and, if so, what data," he said.
He apologised to the public for the incident, saying the agency's immediate priority was the people whose data may have been copied.
Asked whether the stolen data had been extracted at random or selected according to specific criteria, the acting director said it consisted primarily of real estate register extracts, adding that individuals would be able to find out the specifics through the new tool.
Čininas only cautioned that if large numbers of people attempted to use the tool simultaneously, there might be temporary disruptions.
Chief resigns
Adrijus Jusas, who had led the Centre of Registers since June 2023, stood down on Monday following calls from Prime Minister Inga Ruginienė and Economy and Innovation Minister Edvinas Grikšas. Čininas, previously head of the agency's Prevention Department, was appointed acting director by Grikšas.
Grikšas said he was unable to share further details about the incident at this stage, given the ongoing pre-trial investigation. He described cyber security and data protection as the agency's number one priority.
The minister also pointed to what he described as a broader institutional failure, suggesting that those who had repeatedly cut the Centre of Registers' funding despite raising security concerns bore some responsibility for the situation. He said a technological debt had been accumulating since 2023, and though his ministry had allocated an additional €12 million to address it – the sum only halved the backlog.
Details about the breach
Lithuania's Prosecutor General's Office opened a pre-trial investigation on Friday into suspected illegal access to databases managed by the Centre of Registers. According to investigators, the primary targets were the Real Estate Register and the Register of Legal Entities. The unauthorised access is believed to have been carried out from abroad, using the systems or user accounts of other institutions.
More than 600,000 records are believed to have been copied. Reports suggest the first unauthorised logins took place at the beginning of this year, with the Centre of Registers becoming aware of the breach only in April.
Opposition politician Laurynas Kašiūnas, a member of the parliamentary National Security and Defence Committee, has said the stolen data may include information on Lithuanian intelligence officers.
Newsletter
Every Friday morning.
