Monday, 29 June 2026
Rīga TV

World and Latvian news in one place

LatviaPublished: 29 June 2026 at 21:37

Criminal proceedings launched against cybersecurity expert Strazdiņš over LVM cyberattack disclosure

Cybersecurity expert Elviss Strazdiņš has announced that criminal proceedings have been initiated against him after he disclosed the hacker's ransom demand of €618,600 for decrypting data from AS "Latvijas valsts meži" (LVM). Strazdiņš criticized the company for using outdated software that allowed the attack.

Foto: Delfi

Cybersecurity expert Elviss Strazdiņš announced on social media that criminal proceedings have been launched against him. This follows his disclosure of the ransom amount demanded by the hacker group for decrypting the data of AS "Latvijas valsts meži" (LVM).

According to Strazdiņš, the hacker demanded 0.1% of LVM's total revenue. LVM's 2025 annual report shows revenue of €618.6 million, making the ransom amount €618,600. Strazdiņš noted that the hacker left contact details on Signal and other platforms, inviting communication to negotiate the ransom.

LVM's position and police action

LVM previously stated that it would not pay any ransom and that all data had backups. The company reported the incident to the State Police, which initiated criminal proceedings for the cyberattack. CERT.lv reported that responsibility for the attack was claimed by a foreign financially motivated ransomware group.

LVM IT Infrastructure and Development Director Māris Kuzmins said that some systems have already been restored and that apps "LVM GEO" and "Mednis" – used by recreationists and forestry workers – will be gradually restored.

Strazdiņš's criticism of software vulnerabilities

In the TV program "Panorāma", Strazdiņš explained that the hacker exploited a software vulnerability that had not been patched for seven years. Initially, the attacker used a vulnerability in the "GEO" software that should have been fixed two years ago. Strazdiņš said that based on internal information, almost all servers had the latest version, but one server retained the old version, which was used for the attack. The attacker then exploited several other vulnerabilities, including one from 2019, indicating that the software had not been updated for seven years. Strazdiņš also stated that the attacker left malware on servers, encrypted data, and deleted backups.

Strazdiņš expressed dissatisfaction that his disclosure was met with criminal proceedings instead of gratitude.

Comments

0/1500

Comments are automatically moderated. No hate, threats, personal data or spam.

Loading comments…

More in this category

Latvia

Criminal proceedings initiated against cybersecurity expert Elviss Strazdiņš after revelations about Latvijas valsts mežu data issues

Cybersecurity expert Elviss Strazdiņš announced on social media that criminal proceedings have likely been initiated against him following his revelations about data problems at Latvijas valsts meži.

LSM · 36 min ago

Latvia

Criminal Proceedings Initiated Against Cybersecurity Expert Elvis Strazdiņš

Latvian police have launched a criminal case against software engineer and cybersecurity expert Elvis Strazdiņš following his public explanations of a hacker attack on the servers of Latvijas valsts meži (LVM).

Apollo.lv · 1 h ago

Latvia

Program “ObSUdim vecherom” aired on June 29, 2026

On June 29, 2026, the program “ObSUdim vecherom” was published on LSM.lv.

LSM (rus) · 1 h ago