Private Intelligence Service linked to minister Antal Rogán may have been spying at the Tisza Party

According to Átlátszó’s sources, the perpetrator and accomplices spying on the Tisza Party—known by the alias “Henry”—should not be sought among the professional staff of the Constitution Protection Office, the Hungarian counterintelligence agency. But they aren’t very far from there either: they may be working in the vicinity of an information technology company run by a former secret service agent, which also works for the secret services and maintains close ties with them.

That is where a highly paid unit—composed in part of former national security agents and specializing in political smear campaigns—had been organized; Tisza was not their first assignment: for years, they have been working against the political opposition using illegal, secret service methods.

“I saw young guys running Pegasus and Candiru on their computers; they’d already been doing surveillance on the Budapest municipal government” – says our source, who asked to remain anonymous and who had a close-up view of the informal “freelance team” of “blackmailed hackers,” as he puts it, organized around a former national security officer who had left the Office for the Protection of the Constitution (AH) a few years ago.

“This is a very dangerous topic; these guys would accidentally run you over with a tram on the sidewalk,” continues the IT specialist, who says he faced various non-legal reprisals after “looking into” the pro-government shadow secret service. He does not wish to speak about it.

Another source of ours echoes this sentiment: he refers to the group of “subcontractors” organized around the former national security officer’s company—which was funded with public money and secret service contracts—as “Rogán’s blackmailed hackers.”

“You could only be a subcontractor if you were blackmailable, but all of this had to be done in a way that allowed you to document your unblackmailability”—he notes, referring to the mandatory background checks required for companies supplying the secret services. For example, someone with a criminal record, an ongoing criminal case as a hacker, or who has received millions or tens of millions of forints without an invoice is vulnerable to blackmail.

“But by now, many of them have thrown in the towel and stepped out of the blackmail chain,” he says, referring to tensions within the group.

They’re being investigated by the secret service

We reached out to hackers, cybersecurity, and national security experts following a post by Szabolcs Panyi, and several of the dozen or so insiders we contacted confirmed the post’s content: it appears to be a story that is almost common knowledge in certain circles, but no one wanted to speak on the record about it.

Therefore, we cannot name our sources or the individuals they described. “One thing really upsets him: if his secrets are named and exposed, that’s when he really gets angry,” says one of our interviewees, who fears retaliation.

The process outlined by our well-informed sources began in 2021, after the national security officer—who, according to one of our sources, “wasn’t really liked” there—left the Office for the Protection of the Constitution and, with the help of a private equity fund close to minister Rogán, bought out the cybersecurity firm. This company then multiplied its revenue through government contracts and now generates tens of billions of forints in annual revenue.

We understand that the company’s covert operations, which enjoy strong political backing, are also supported from within the Office for the Protection of the Constitution; the former OPC official still has “moles” within the state intelligence services, where he is also present as a supplier.

Meanwhile, according to our source at the OPC, an official investigation is currently underway because, while not the only possibility, it is considered the most likely scenario that the private intelligence agency he headed may have been spying on the Tisza Party, and they may have approached the young Tisza volunteer—who became a folk hero under the name “Gundalf”—using the alias “Henry.”

The outcome of this internal power struggle at the Office for the Protection of the Constitution will likely be decided by the election: if Fidesz remains in power, they will undoubtedly sweep the matter under the rug, and we won’t hear another word about it. On the other hand, if the Tisza really does win the elections, skeletons will start falling out of the secret service’s closets after the leadership changes.

“Politics has always taken advantage of us,” says our source at the office.

They are spying for the government propaganda using cyberweapons

Regarding the structure of the pro-government private intelligence agency, we have learned that, in addition to hackers and IT specialists, our sources indicate that former intelligence officers from the National Tax and Customs Administration and the Constitution Protection Office, as well as profilers and retired police officers, are also involved—all of whom earn several times the monthly salary available in the public sector.

They are aided in their illegal surveillance, wiretapping, and hacking by the use of various cyberweapons and AI tools obtained from the dark web. They do not shy away from disguising themselves as uniformed utility workers or acting on behalf of well-known telecommunications companies to approach their current targets, or even seeking the cooperation of soccer ultras.

Several of our sources indicate that this is a group that has been active for years, producing audio recordings intended to discredit the political opposition since 2021, which were then leaked to the pro-government press for propaganda purposes with the cooperation of the Prime Minister’s Office led by Antal Rogán. They are now operating in a similar manner around the Tisza Party; the flood of election audio recordings intended to be exposés, disseminated in the pro-government press and online, is a testament to their work.

And they may also be responsible for last year’s Discord group and Tisza Világ app data leaks at Tisza, during which the personal data of thousands of volunteers was leaked onto the open internet—and even onto a map.

An IT specialist who previously was also part of the Tisza team, says that back then he drew up “a proper IT plan, complete with a security section to prevent data leaks,” and proposed the creation of an IT infrastructure “that would be unhackable for not only Tóni, but neither the Russians nor the Chinese, or, for that matter, the Americans.”

However, shortly thereafter, he was “sidelined and pushed out” of the party; the information security improvements he proposed were never implemented, and “every risk I identified has since materialized.”

Written and translated by Tamás Bodoky, the Hungarian version of this story is here. The cover image was created using artificial intelligence.