Back

Lithuania Investigates Major Data Leak of 600,000 Records Linked to Foreign Actors

Severity: High (Score: 72.5)

Sources: Therecord.Media, Apnews

Published: 2026-05-26 · Updated: 2026-05-26

Keywords: lithuania, data, state, records, foreign, leak, national

Summary

Lithuanian authorities are investigating a significant data leak involving over 600,000 entries from national registers, believed to be executed by a foreign entity. The breach primarily affected real estate and legal entity records managed by the State Enterprise Centre of Registers. Attackers gained unauthorized access using login credentials of authorized institutions. The head of the Centre of Registers resigned following the incident, and additional cybersecurity measures have been implemented, including account blocks and credential updates. While the specific foreign country involved has not been disclosed, suspicions point towards Russian involvement due to ongoing geopolitical tensions. Opposition figures have raised alarms about the potential exposure of sensitive information related to military and government personnel. Key Points: • Over 600,000 national registry entries were leaked, affecting real estate and legal records. • Unauthorized access was gained using credentials from institutions authorized to access the data. • Lithuanian authorities suspect foreign involvement, with speculation about Russian intelligence operations.

Detailed Analysis

**Impact** More than 600,000 records from Lithuania’s national data registers, specifically from real estate and legal entity databases, were compromised. The breach affects state-managed property and legal entity information, potentially exposing sensitive data related to intelligence officers, military personnel, diplomats, and politicians. The incident impacts Lithuanian national security and administrative operations, with possible espionage or coercion risks. The population affected is within Lithuania, a country of approximately 2.9 million people. **Technical Details** Attackers gained unauthorized access by using login credentials of authorized institutions to access the Centre of Registers’ systems. The breach involved exploitation of legitimate access rather than malware or known CVEs; no specific tools or infrastructure details were disclosed. The attack occurred at the credential misuse and data exfiltration stages of the kill chain. No indicators of compromise (IOCs) were provided in the available reports. **Recommended Response** Immediately enforce credential resets and multi-factor authentication for all accounts with access to sensitive registers. Block suspected compromised accounts and restrict access until credentials are updated. Monitor for unusual access patterns or data downloads from registry systems. Additional technical details are required to develop further detection or mitigation strategies.

Source articles (2)

  • Lithuania suspects foreign involvement in data leak of over 600000 national register entries — Apnews · 2026-05-25
    VILNIUS, Lithuania (AP) — Lithuanian authorities are on high alert after a massive data leak involving more than 600,000 entries from national data registers, which is believed to have been executed b…
  • Lithuania investigates theft of 600,000 state registry records by foreign actor — Therecord.Media · 2026-05-26
    The Lithuanian Prosecutor General’s Office said Friday that attackers gained unauthorized access to more than 600,000 records managed by the Centre of Registers, the state agency responsible for handl…

Timeline

  • 2026-05-25 — Data leak announced: Lithuanian authorities revealed a data breach affecting over 600,000 national registry entries, suspected to involve foreign actors.
  • 2026-05-25 — Head of Centre of Registers resigns: Adrijus Jusas resigned from his position following the data leak announcement, reflecting the severity of the incident.
  • 2026-05-26 — Investigation continues: The Lithuanian Prosecutor General's Office is actively investigating the data theft, focusing on the methods used by the attackers.

Related entities

  • Data Breach (Attack Type)
  • Centre Of Registers (Company)
  • Lithuanian Prosecutor General’s Office (Company)
  • State Enterprise Centre Of Registers (Company)
  • Lithuania (Country)
  • Russia (Country)
  • CWE-200 - Exposure of Sensitive Information (Cwe)
Loading threat details...

Threat Not Found

The threat cluster you're looking for doesn't exist or has been removed.

Return to Feed