Russian Drivers’ Private Information Available For Sale
Cybercriminals Sell the Personal Data Belonging to Millions of Russian Drivers, and Nobody Knows How They Managed to Get the Information.
The personal information of millions of Russian drivers is being sold by hackers on an underground market for only a few hundred dollars. As it turns out, the stolen data is 100% authentic, even if out of date for some of the affected drivers, and was allegedly obtained between 2006 and 2019.
What Data Was Stolen?
The database contains information on millions of Moscow car owners, including full names, vehicle details such as brand and model, year of registration, VIN code and license plate, driver’s date of birth, and contact information.
Who Is Behind the Data Leak?
It’s still unclear whether the individual who stole the information is an insider or a threat actor who broke into the systems where the data was being kept. According to the database seller, the source was an insider from the Moscow traffic police department.
The authorities in Moscow have not yet commented on this possibility, and experts have different opinions about who conducted the attack.
While some of the analysts are convinced that the leak was caused by insiders, others think that cybercriminals abused a flaw in the system’s software to exfiltrate the data.
Alexei Parfentiev, head of the analytics department at SearchInform, said:
“The insider job looks more likely because the requirements of regulators on internal structures in the traffic police are less strict than those that concern protection from external attacks.”
According to another expert, it could potentially be a cyberattack aimed at insurance firms, given that all of the leaked information is usually found in their systems.
Whatever technique was used to access the database, the data was collected over almost 13 years, so if there was a breach that someone was able to exploit, it definitely ended last year, when Russia finalized the transfer of all information to a central server.
At the moment, it is unknown how many people purchased the stolen database, but those who have been affected should unquestionably be on the lookout for phishing or identity theft campaigns.
The good news is that the stolen information is not super confidential, but given the archive’s low price, the individual selling it could find a large number of buyers among smaller hacker organizations searching for fast exploits.