Andreas Lehmann, director of TRÜB Baltics AB, which represents ID card producer Gemalto, has claimed that he informed Estonian state authorities of the security flaw affecting hundreds of thousands of Estonian ID cards in June already. According to the director of the Information System Authority (RIA), however, he is lying.
Gemalto rep: Estonian authorities notified of ID card flaw in June
The RIA has asserted that it first received information regarding the security flaw affecting the chips used in ID cards issued since October 2014 from a group of international researchers late on the night of Aug. 30 - writes err.ee.
Lehmann wrote on social media, however, that he informed the Police and Border Guard Board (PPA) and the RIA of the vulnerability on June 15.
"In Northern Europe, a long period of vacations begins at Midsummer that lasts through the end of August," Lehmann wrote on LinkedIn. "The local elections, which included e-voting, lay ahead in the fall... The disclosure of this threat in June already would have surely ruined summer vacations. I understand completely why the authorities accepted the temptation to remain silent on the matter."
RIA Director General Taimar Peterkop told ERR's online news portal that Lehmann is lying.
"This is a lie," Peterkop told the portal. "We have not received anything either verbally or in writing. Considering how quickly we reacted on Aug. 30, once we found out about [the flaw], we would have reacted exactly the same way if we had been notified of this on June 15. Lehmann's claim as though we preferred to just go on vacation and for this reason neglected the matter is absurd. We would have certainly been quick to take action to prevent potential security risks."
Read more news of Tallinn on our site.