Elevel

The company "Elevel" is engaged in the complex supply of modern electrical equipment, cable-conductor and lighting products. Elevel is the official distributor of well-known European and Russian manufacturers. In addition to supplies and sales, Elevel offers the design of power supply for buildings and uninterruptible power supply systems. The company's specialists create domestic and dedicated power supply networks, as well as develop projects for autonomous power supply of residential and industrial premises. Elevel has its own production of electrical switchboard products up to 5000A. The production allows you to assemble electrical and automation boards, both according to typical and individual projects.

History

2023: 1.1 TB customer data leaked

On February 7, 2023, it became known that cybercriminals had stolen an extensive database with information about customers of Elevel, one of Russia's largest electrical stores.

According to Cybernews, a resource specializing in information security issues, an array of approximately 1.1 TB was in the hands of cybercriminals. It contains about 7 million records of users of the e.way Internet procurement service, which is owned by Elevel. The database, in particular, includes the full names of the company's customers, phone numbers, email addresses and delivery addresses. It is noted that the monthly audience of e.way is approximately 25 thousand visitors, so personal information about tens of thousands of people could be stolen.

February 7, 2023 it became known that cybercriminals stole an extensive database with information about Elevel customers

Cybernews researchers warn that stolen information can be used to organize targeted phishing attacks aimed, for example, at stealing money. Moreover, the database contains some logins and passwords, which theoretically allows cybercriminals to obtain additional confidential data about Elevel clients. In the future, such information can be used to make fraudulent purchases on behalf of real customers of the company.

Elevel itself has not yet made an official statement about the leak. Therefore, it is not clear whether the hack is related to the implementation of a ransomware program. But it is reported that the stolen database appeared on the Internet on January 24, 2023. It contains information about Elevel clients over two years. As of February 8, 2023, access to the base was closed.

We encounter unprotected databases every day. In some cases, they contain publicly available information and therefore do not pose serious risks to the company or its customers. However, this is not always the case, say Cybernews experts.[1]

Notes