Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Attacks/Breaches

Millions of Russians' Personal Data Posted on Free Website

Names, addresses, account information, and other data posted by unknown source

Russian media are reporting the emergence of a Website that offers to deliver the personal information of millions of Russian and Ukrainian users for free over the Internet.

According to a broadcast this morning on Russia Today, a Website of unknown origin is offering data on "millions" of Russian citizens to anyone who registers online. The report did not give the URL of the site.

A reporter who attempted to register for the site received an email promise that he will be sent a password "in a couple of days." This led some experts to conclude that the site might be a simple phishing attack, a hoax created to collect the registrant's personal data.

But the reporter also spoke to a number of users who claim they have been able to access the site and have collected a wide range of personal data on Russian citizens. Russia Today speculates that the data may be a compilation of multiple databases that have been stolen previously and sold on the black market.

The site's operators have effectively hidden their identities, according to the report. The site's URL is registered to an organization in Panama, but the data is hosted on a server in St. Louis, the report states.

Lawyers quoted in the report say the citizens who are affected by the posting could file legal charges, but experts said they are pessimistic about the prospects of punishing the site owners.

"Today there are no international documents that could help solve this situation," said Leyla Neyman, a media lawyer. "The site is in .com, not .ru registration zone. And hardly anything could be done."

Aleksey Sabanov, Russian IT security expert, says he has seen many similar cases. "We now observe a well-organized trade of these databases. One of the main questions is accuracy of the information sold," he said.

Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message.

  • WhiteHat Security

    Tim Wilson is Editor in Chief and co-founder of Dark Reading.com, UBM Tech's online community for information security professionals. He is responsible for managing the site, assigning and editing content, and writing breaking news stories. Wilson has been recognized as one ... View Full Bio

    Comment  | 
    Print  | 
    More Insights
  • Comments
    Newest First  |  Oldest First  |  Threaded View
    44% of Security Threats Start in the Cloud
    Kelly Sheridan, Staff Editor, Dark Reading,  2/19/2020
    Zero-Factor Authentication: Owning Our Data
    Nick Selby, Chief Security Officer at Paxos Trust Company,  2/19/2020
    Register for Dark Reading Newsletters
    White Papers
    Video
    Cartoon
    Current Issue
    6 Emerging Cyber Threats That Enterprises Face in 2020
    This Tech Digest gives an in-depth look at six emerging cyber threats that enterprises could face in 2020. Download your copy today!
    Flash Poll
    How Enterprises Are Developing and Maintaining Secure Applications
    How Enterprises Are Developing and Maintaining Secure Applications
    The concept of application security is well known, but application security testing and remediation processes remain unbalanced. Most organizations are confident in their approach to AppSec, although others seem to have no approach at all. Read this report to find out more.
    Twitter Feed
    Dark Reading - Bug Report
    Bug Report
    Enterprise Vulnerabilities
    From DHS/US-CERT's National Vulnerability Database
    CVE-2020-9405
    PUBLISHED: 2020-02-26
    IBL Online Weather before 4.3.5a allows unauthenticated reflected XSS via the redirect page.
    CVE-2020-9406
    PUBLISHED: 2020-02-26
    IBL Online Weather before 4.3.5a allows unauthenticated eval injection via the queryBCP method of the Auxiliary Service.
    CVE-2020-9407
    PUBLISHED: 2020-02-26
    IBL Online Weather before 4.3.5a allows attackers to obtain sensitive information by reading the IWEBSERVICE_JSONRPC_COOKIE cookie.
    CVE-2020-9398
    PUBLISHED: 2020-02-25
    ISPConfig before 3.1.15p3, when the undocumented reverse_proxy_panel_allowed=sites option is manually enabled, allows SQL Injection.
    CVE-2015-5201
    PUBLISHED: 2020-02-25
    VDSM and libvirt in Red Hat Enterprise Virtualization Hypervisor (aka RHEV-H) 7-7.x before 7-7.2-20151119.0 and 6-6.x before 6-6.7-20151117.0 as packaged in Red Hat Enterprise Virtualization before 3.5.6 when VSDM is run with -spice disable-ticketing and a VM is suspended and then restored, allows r...