RSS
Логотип
Баннер в шапке 1
Баннер в шапке 2

Drimkas

Company

width=200px

Content

History

2019: In network 14 million records of the companies and buyers flowed away

On September 16, 2019 it became known that about 14 million records about the companies and natural persons from Russia got to open access. Accidental leak was allowed by an operating company of fiscal data Drimkas.

According to Izvestia with reference to the company on cyber security of DeviceLock, within three days information on the e-mail addresses and phones of representatives of the company, the concluded bargains, the range and the prices of goods and also phones and e-mail of 3 thousand individuals was available.

About 14 million records about the companies and natural persons from Russia got to open access

Journalists of Izvestia called several numbers which got to open access and found out that phones really belong to clients of OFD "Drimkas". In one of records, for example, it is visible that the client purchased a vodka bottle on pine nuts and 150 g of cheese.

The founder and the technical director of DeviceLock Ashot Oganesyan considers that for information storage Drimkas uses the database management system (DBMS) Elasticsearch. Access to them often remains open because of errors of IT specialists. They just forget to deliver ticks in the right places, Oganesyan noted.

Drimaksa explained leak with attacks on servers. The company considers that information published in media "distorts the facts". What specifically the claim at Drimaks to the publication of the newspaper, in the message is not specified.

The CEO Drimkas Pavel Tolstonosov emphasized that the protection circuit on one of them suffered, the problem is fixed.

As reported in the Federal Tax Service, fiscal data appeared in open access for the first time. If information on leak is confirmed, then the company is threatened by a penalty to one million rubles, noted there.

Promulgated information will potentially allow to analyze behavior of buyers and to try to involve them in promotion companies. All victims should expect "cold" calls and spam, experts believe.[1]

Notes