Skip to main content
Emerging ThreatsData Breaches

Lithuania's National Register Breached, 600,000 Entries Exposed

Government office interior with filing cabinets in background.

More than 600,000 entries from Lithuania’s national registers were exposed, a breach the Lithuanian general prosecutor’s office says affected primarily registers of legal entities and real estate holdings.

Scope of the leak: legal and real estate registers, 600,000+ entries

The general prosecutor’s office announced the incident as a leak of national register entries that predominantly involved records for legal entities and real estate. Authorities describe the impact as affecting more than 600,000 entries in total. The public statement frames the event as a large-scale exposure of government-held registry data rather than a narrow, isolated compromise.

Immediate response: restricting access and blocking suspected accounts

According to the prosecutor’s office, discovery of the leak prompted authorities to enact further cybersecurity measures. Those measures included restricting access to affected systems and blocking the accounts of actors suspected of malicious activity. The announcement does not enumerate additional technical mitigations or investigative steps beyond those access and account controls.

Leadership change: resignation of Adrijus Jusas

Following the disclosure of the leak, Adrijus Jusas, head of the State Enterprise Centre of Registers, resigned. The resignation was announced in the wake of the incident and is directly linked in public reporting to the data exposure. No other personnel actions or appointments were detailed in the announcement summarized by the prosecutor’s office.

Attribution posture: officials cite foreign activity; some point to Russian intelligence

Lithuanian officials have expressed a belief that the incident was the result of foreign activity, but the prosecutor’s office has not issued an official statement naming a country responsible. Separately, some parties have suggested the operation may be linked to Russian intelligence, citing Lithuania’s status as a target of what is described in reporting as Russia’s "hybrid war." That hybrid-war characterization in the reporting lists arson, vandalism, sabotage and influence operations as tactics associated with that campaign.

What this means for technologists, policymakers, and affected legal and real estate entities

  • Technologists and security teams: The immediate controls — restricting access and blocking suspected malicious accounts — indicate a defensive posture focused on containment. Security teams connected to the registers will be watching for follow-on activity tied to the blocked accounts and for signs of additional unauthorized access, and will be responsible for restoring and hardening registry access under directions from prosecutorial authorities.
  • Policymakers and regulators: The resignation of the State Enterprise Centre of Registers’ head signals a governance and accountability consequence tied directly to the incident. Regulators and government oversight bodies will confront decisions about leadership, transparency, and the scope of any public reporting or regulatory reforms following the breach.
  • Affected legal and real estate entities: Entities whose registry records are among the more than 600,000 exposed will face questions about the confidentiality of their publicly held records and potential misuse of the leaked entries. Those organizations and property owners will be stakeholders in any remediation steps and any official communications that flow from the prosecutor’s office or registry operators.

The official record as presented by the prosecutor’s office is concise: a large leak of national register entries, emergency access restrictions and account blocks, an attribution leaning toward foreign activity without a named perpetrator, and a senior resignation at the State Enterprise Centre of Registers. The combination of operational containment measures and an unresolved attribution leaves both technical and political dimensions of the incident active and visible.

Source: Security Magazine — 600,000 Lithuanian National Register Entries Leaked