Russia trade data breaches

Main article: Data leaks in Russia

2024

Data leakage of 1.2 million customers of Detsky Mir stores

On October 10, 2024, it became known that cybercriminals had penetrated the IT infrastructure of the Detsky Mir chain of stores. As a result of the hack, personal data of approximately 1.2 million customers were posted on the Internet for open access. Read more here.

Data of millions of visitors to Burger King restaurants was leaked

On October 10, 2024, it became known that cybercriminals had entered the Burger King IT infrastructure. As a result of the hack, the personal data of millions of visitors to this fast food chain was leaked. Read more here

Data of millions of users of the marketplace "Fair of Masters" was leaked

On October 9, 2024, it became known that cybercriminals had penetrated the IT infrastructure of the Fair of Masters marketplace. As a result of the hack, the personal data of millions of users of this platform was leaked. Read more here

The manufacturer of sportswear leaked the data of customers. He blamed the incident on a vulnerability in 1C-Bitrix

As TAdviser discovered in September 2024, the Magistrate's Court of the Leninsky District of Penza found the Russian sportswear manufacturer Nordski (Ski Plus LLC) violated the law on personal data due to the leakage of personal data of users and customers from its website. The company explained the incident by the presence of a vulnerability in the 1C-Bitrix website management system, which it uses. Read more here.

Data of millions of visitors to the Vinlab alcohol store network was leaked

In early July 2024, it became known that cybercriminals hacked the information infrastructure of the Vinlab chain of alcoholic beverages stores. As a result, the personal data of millions of visitors to these outlets were leaked. Read more here.

The data of hundreds of thousands of customers of the Magnolia supermarket chain was leaked

In the online store of the Magnolia supermarket chain, two customer data leaks occurred with an interval of several days. The first leak, affecting 252 thousand unique records, was revealed on June 24, 2024, the second, containing more than 256 thousand records, on July 2, 2024. Read more here.

The data of the largest Russian online store of glasses and contact lenses was leaked

On May 27, 2024, it became known that cybercriminals managed to penetrate the IT infrastructure of the largest Russian online store of glasses and contact lenses - the site Ochkov.net. As a result, the personal information of the service customers was leaked. Read more here.

The data of hundreds of thousands of users of food delivery services Performance Group was leaked

At the end of April 2024, it became known that the personal data of hundreds of thousands of users of food delivery services Performance Group got into open access on the Internet. Cybercriminals have at their disposal a large fragment of the payment transaction database of a number of platforms, including levelkitchen.com, m-food.ru and p-food.ru. Read more here.

Data of millions of users of the online store "Online Trade" was leaked

In early March 2024, it became known that as a result of a hacker attack, the personal data of more than 3.8 million users of the online store "Online Trade" was leaked. According to reports, an attacker was involved in the hack, who had previously published on the Internet information about users of the educational portal GeekBrains and the logistics company SDEK. Read more here.

The data of hundreds of thousands of customers of the Orteka orthopedic salon network was leaked

In early March 2024, it became known that the IT infrastructure of the Orteka orthopedic salon network (orteka.ru) was subjected to a hacker attack. As a result of the hack, the data of hundreds of thousands of customers was leaked. Read more here.

2023

A third of attacks on retailers led to a halt in sales

In 2023, a third of attacks on retailers led to a halt in sales. Positive Technologies reported this on April 1, 2024.

According to a study by Positive Technologies, Russian retailers and e-commerce companies were in the spotlight of hackers, entering the top 3 in terms of reports of stolen data and infrastructure access in the shadow market. At the same time, 80% of ads about Russian trading companies offer free distribution of stolen databases.

At the end of 2023, the share of incidents with theft of data from retailers and e-commerce companies increased to 74%. The main goal of cybercriminals is to obtain personal information of customers. Almost half (46%) of confidential information leaks contained this data.

We see several reasons for the large number of ads selling initial access to the infrastructure of retail companies, "said Anna Golushko, senior analyst at the Positive Technologies research group," first of all, outdated databases force cybercriminals to actively seek access to systems for fresh and more complete information. In addition, the constant development of the shadow market attracts new participants, including inexperienced hackers who specialize in gaining initial access and then selling it to more experienced attackers.

On average, the cost of each second announcement for 2023 did not exceed $1000. However, amid geopolitical tensions, hacktivists give away stolen databases of Russian retailers and e-commerce for free.

Key techniques used by attackers to attack trading companies are malware infection (58%), exploitation of vulnerabilities (42%) and various social engineering methods (39%). Most often, hackers attack CMS systems (content management systems) used by online stores, which leads to theft of customer payment data and penetration into the company's infrastructure. These attacks not only undermine customer confidence, but can also cause serious damage to the reputation of companies and business as a whole. So, in 2023, a third of retailers around the world faced a halt in sales as a result of cyber attacks.

Positive Technologies experts believe that a large percentage of leaks are associated with an increase in the amount of information in companies, which often becomes uncontrollable. This causes problems with the inventory of the data infrastructure, its classification and control of access to them. Therefore, in retail and e-commerce, there is a need for a Data security platforms (DSPs) class solution that allows you to manage various types of data regardless of their structuring and location. This approach will build effective cybersecurity in industries that process large amounts of information.

There was a leak of data of millions of customers of the chain of stores "Girlfriend"

The data of millions of customers of the chain of cosmetics and perfume stores "Girlfriend" was leaked. The profile Telegram channel "Information Leaks" reported this on August 2, 2023. Read more here.

The data of millions of users of the online bookstore was leaked book24.ru

In early June 2023, it became known about the leak of data from millions of users of the leak of an online book store book24.ru. Later, on July 24, 2023, the Telegram channel "Information Leaks" clarified that out of more than 3.5 million pairs of records including email and password, almost 99% are unique, that is, they have not previously been found in leaks. Read more here.

There was a leak of customer data from Bukvoed, Leroy Merlin, Yours and Eat at Home

On June 8, 2023, it became known about a data breach to customers of four large companies in: Russia the online bookstore "," Pedant the construction store, "the Leroy Merlin culinary recipe portal" Eat at Home "and the clothing store". "Yours

The fact that information from users of the sites of these brands is publicly available was reported by the research company Data Leakage & Breach Intelligence (DLBI), which specializes in information leaks.

One of the two files of the bookstore "Bukvoed" contains 3.58 million lines with full names, emails, phones, social media IDs, encrypted passwords. The second file contains 3.27 million lines with logins, emails, phones, usernames and encrypted passwords. In just two files - 5.4 million unique logins: 2.58 million unique email addresses and 2.7 million unique phone numbers.

One of the two bases of the Leroy Merlin construction store contains more than 3.3 million lines with full names, registration and birth dates, phones, social media IDs and other information. Among all this, the Company found full names, hashed passwords and work mail of company employees, including top management. The second archive contains 1.75 million lines, which contain information including information about employees, including first/last names, phone numbers, mail addresses and other technical data. The relevance of the database is May 2023.

Among the merged data of the "Yours" network are names/surnames, emails and telephones. Total - 2.26 million lines with relevance for May 2023. From the site "Eat at Home" hackers were able to "pull out" 536 thousand lines with full names, e-mails and phones. Relevance - April 2023.^[1]

Data leakage of 2 million customers of Ascona

On June 7, 2023, it became known about the Ascona data leak. In this regard, the Russian manufacturer of sleep products began an internal audit. Read more here.

Data from millions of customers of Gloria Jeans store chain leaked

On June 6, 2023, it became known about the leak of data from millions of customers of the Gloria Jeans store chain. It was reported by the Telegram channel "Information Leaks," which is maintained by Ashot Hovhannisyan, founder of the DLBI darknet detection and monitoring service. Read more (Gloria Jeans)|here.

Data of millions of customers of the Auchan and Your Home networks was leaked

On June 6, 2023, Auchan confirmed information about the leakage of data from its customers. Initially, DLBI experts reported it in their Telegram channel "Information Leaks." Read more here.

There was a data leak of hundreds of thousands of applicants "Tasty - and full stop"

At the end of May 2023, it became known about the leakage of data from hundreds of thousands of applicants "Tasty - and full stop." According to the Infosecurity Telegram channel, hackers have made publicly available a database of job seekers in a fast food chain. The dump contains 295,914 lines and covers the period from January 1, 2018 to May 25, 2023. Read more here.

There was a data leak of tens of thousands of Dixie employees

On February 20, 2022, it became known about the leakage of data from Dixy employees. It was reported by the profile Telegram channel Data1eaks. Read more here.

1.1 TB of data from customers of one of the largest electrical stores in Russia was leaked

On February 7, 2023, it became known that cybercriminals had stolen an extensive database with information about customers of Elevel, one of Russia's largest electrical stores. Read more here.

Data leakage of 260 thousand Sportmaster customers in Kazakhstan

On January 11, 2023, it became known about a major leak of personal data of Sportmaster customers in Kazakhstan. According to the local computer incident response service KZ-CERT, the company is conducting an internal investigation into the incident. Read more here.

Data leak to Sportmaster customers

On January 1, 2023, Sportmaster recognized the leakage of customer data. The merged database included 1.6 million records. Read more here. Read more here.

2022

Delivery services and retailers allowed the most leaks in Russia

The largest volume of data leaks in Russia in 2022 fell on retail and delivery services - 14% and 34%, respectively. This is evidenced by the data of Kaspersky Lab, released at the end of February 2023.

According to the study, in 2022, over 2 billion records containing confidential information were made publicly available. This is almost 300 million user data, of which 16% - about 48 million lines - contained passwords. 168 cases of publications of significant databases of Russian companies were recorded. Most of the data (64%) was compromised due to attacks on large businesses.

If you distribute leaks evenly over the course of a year, it turns out that cybercriminals published ads almost every second day about confidential user information posted for free access, the report says.

According to the study, two leaks of companies from these areas were included in the top 10 in terms of the number of published user data. The organization added that the data of both users and employees get into the network. Kaspersky Lab expects that in 2023 the number of leaks will grow by 20%, they did not rule out that the retail sector will continue to attract the attention of cybercriminals.

At the same time, it is highly likely that attackers will continue to pay attention to the retail sector, which historically stores colossal amounts of information, "explained Igor Fitz, an expert on cybersecurity at Kaspersky Lab, quoted by RIA Novosti.

In connection with the possible growth of leaks in Kaspersky Lab, companies recommend building a comprehensive system for protecting the IT infrastructure, as well as developing a plan that will include steps in three main areas - incident investigation and response, as well as competent and timely communication with customers, partners and regulators.^[2]

The data of hundreds of thousands of VkusVill customers got into open access

In December 2022, VkusVill reported a major leak of personal data of customers after information about this appeared on Telegram channels. Read more here.

The data of users of discount cards of the "Red & White" network was leaked to the Internet

In early October 2022, it became known about a new leak of data from clients of the Krasnoye & Beloe network. According to Kommersant, citing materials from the Moshelovka platform created by the All-Russian Popular Front (ONF), one of the volunteers received a call from a fraudster who introduced himself as an investigator. He turned to a volunteer by pseudonym, which he used only to register in the loyalty program of the Red & White chain. Read more here.

DNS leaked personal data of customers and employees

The company, which operates a DNS network household appliances of digital stores, announced to leak personal data customers and employees on October 2, 2022. Exact information about the volume of compromised data in the company is not provided. More. here

Ozon customer orders leaked online

At the end of July 2022, it became known about the leakage of Ozon user data. The company itself confirmed this information and explained that the problem was due to the unfair actions of one of the employees. Read more [[Ozon.ru
Internet Solutions|here]].

Data leak of more than 8 million Russian users of various food delivery services

On May 22, 2022 data breaches Darknet , the DLBI intelligence and monitoring service announced that since February 2022 data , more than 8 million the Russian users of various food delivery services have leaked to the network. The first place is taken by the incident with the leak from the service "," Yandex.Food which occurred in March 2022 - more than 6.8 million users. The second place belongs to the Two Shores service - 780 thousand users, the third belongs to the hgclub.ru website - 106 thousand users. The leak from the hgclub.ru allegedly occurred on May 2, 2022.

Since ^{February 2022, data from 8 million customers of food delivery services have leaked to the network}

As reported, the rest of the incidents (about a dozen) fell on regional services with a small number of customers. DLBI did not take into account data customers - Delivery Club this information one got into open access on May 20, 2022. The company did not disclose details, DLBI experts believe that this is the largest leak in the market.

What is the real volume of client data in the entire database is difficult to say, since extrapolating the share of unique users in the probe gives 50 million customers, which is hardly possible.

However, we can say that if the real volume of the duck corresponds to the declared 250 million lines, then most or all of the Delivery Club order base fell into the hands of the attackers, and this is the largest leak from Russian delivery services at the moment.

On May 18, 2022, the director of the collateral department cyber security Ministry of Digital Development Vladimir Bengin said that negotiable fines for companies for personal data leaks will most likely be introduced during 2022. The revolving fine may be 1%, which, according to Bengin, is a "very large" fine[3] narrated by Ashot Hovhannisyan, founder of DLBI

Delivery Club confirms data breach of millions of users

On May 20, 2022, the Delivery Club food and food delivery service reported a leak of user data. As stated in the company, we are talking only about information about orders and do not affect bank details. Read more here.

There was a leak of data from the food delivery service "2 Shores"

Security researcher Bob Dyachenko discovered in the public domain the database of the food delivery service "2 Shores" with personal data of users of the service in 15 cities. This became known on March 30, 2022. Read more here.

The darknet sells data of 87 thousand visitors to the Moscow shopping center "Metropolis"

In February 2022 Darknet , the data of almost 87 thousand visitors to the Moscow shopping center "" were put up for sale in. Metropolis According to the "Information Telegram Leaks" channel, a database has entered the network, including such personal information of citizens as name, phone number, email address, links to social networks Vkontakte("," Facebook and). Instagram More. here

2021

A court in Moscow fined Oriflame for leaking personal data of customers

On November 18, 2021, the World Judicial District of the Khamovnichesky District fined Oriflame 30 thousand rubles for leaking personal data of customers. The company was found guilty of committing an administrative offense under Article 13.11 of the Administrative Code ("Violation of the legislation of the Russian Federation in the field of personal data storage"). Read more here.

Oriflame leaked 1.5 million passports of Russian citizens

On August 24, 2021, information appeared that Oriflame made a large-scale leak of 1.5 million passports of Russian citizens. All of them appeared in the public domain. Read more here.

2020: Red and White customer Data Base became available for download to everyone

On January 28, 2020, it became known about the leakage of data from customers of the Krasnoye and Beloye alcohol market chain. The loyalty program base got on the Internet. Read more here.

2019:14 million company and buyer records leaked

On September 16, 2019, it became known that about 14 million records about companies and individuals from Russia were made publicly available. An accidental leak was made by the fiscal data operator Drimkas. Read more here.

Notes