VILNIUS, Lithuania – In a major cybersecurity incident that has escalated regional security concerns, Lithuanian national authorities have activated top-level alert protocols following the unauthorized exfiltration of over 600,000 records from the country’s official state data registers. Investigators have confirmed that a foreign state is suspected of orchestrating the breach, which has come amid heightened tensions from Russian hybrid operations targeting the Baltic nation.
The General Prosecutor’s Office of Lithuania publicly confirmed the details of the breach on Friday, noting that the leaked data was drawn primarily from the country’s national real estate and legal entity registers. According to official statements, the attackers gained unauthorized access by exploiting valid login credentials belonging to public institutions that are legally permitted to access the registry datasets. In the wake of the security failure, Adrijus Jusas, head of the State Enterprise Centre of Registers, the government body that oversees management of the national data systems, stepped down from his post on Monday.
Immediately following the discovery of the breach, Lithuanian cybersecurity and law enforcement bodies rolled out a series of emergency defensive measures. These included locking the accounts linked to suspicious access activity and enforcing mandatory credential updates for all authorized users to restrict further unauthorized entry, prosecutor officials confirmed.
While investigators have pointed to foreign state involvement as the leading hypothesis, authorities have not publicly named the specific country suspected of carrying out the operation. However, the context of regional security puts the incident in a stark light: as a small European Union and NATO member state with a population of just 2.9 million, Lithuania has long been identified as one of the most frequent targets of Russia’s hybrid warfare campaign against Western Europe, which encompasses everything from sabotage and property destruction to disinformation and influence operations. This history has left the country acutely sensitive to large-scale cross-border cyber intrusions.
Laurynas Kasčiūnas, a leading Lithuanian opposition politician, publicly claimed on social media this Sunday that the data theft is an operation carried out by Russian intelligence, though he has not released any evidence to back up the assertion. Kasčiūnas warned that the compromised dataset may include personal addresses and sensitive identifying information for active intelligence officers, military service members, Lithuanian diplomats, and national political leaders. If confirmed, the leak would give perpetrators actionable intelligence that could enable surveillance, targeted harassment, or coercive pressure operations against the exposed individuals.