In April 2025, a serious cybersecurity breach targeted Bulgaria’s Permanent Representation to NATO, according to Ivaylo Mirchev, an MP from the “We Continue the Change–Democratic Bulgaria” coalition. He raised the alarm publicly and also submitted a formal written question to Defense Minister Atanas Zapryanov. Mirchev stated that the attack involved ransomware – a type of malware designed to encrypt files and extort victims by demanding payment in exchange for a decryption key. He warned that the incident may have resulted in the leak of sensitive information.
Mirchev, who also co-chairs the “Yes, Bulgaria” party, questioned whether the Ministry of Defense had been officially informed about the cyberattack. In his inquiry, he asked for clarification on the timeline and manner in which the ministry received the alert: who reported the incident, how the communication was carried out, and what the immediate institutional response was. His question also sought information on what concrete steps have been taken since the breach was detected.
He emphasized that the attack specifically targeted Bulgaria’s NATO mission and appeared to be part of an effort to demand a ransom from the victims. The incident, as described by Mirchev, raises concerns about the security of Bulgaria’s digital infrastructure at the diplomatic level. Despite the seriousness of the claims, there has been no official confirmation from other government bodies or institutions so far. Nonetheless, the matter has now been brought into the public spotlight and placed on the agenda of the Ministry of Defense, which is expected to respond.
