Hundreds of thousands of Russians, including former government officials, have had their passport data posted online in the country’s latest massive data leak.
The breach of at least eight government websites, analyzed by privacy expert Ivan Begtin, exposed the passport data of 360,000 people. Last month, Begtin disclosed that 2.2 million passport entries taken from online marketing websites were openly available online.
In total, 2.2 million records with personal data are available from electronic trading platforms that can be divided into 2 groups.
1. Passport data from decisions to approve major transactions.
These documents should be published according to the law and the regulatory framework of 44-FZ, the “Law on the Contractual System”. According to the practice of the Russian preparation of such documents, they often contain the passport data of the founders.
2. Full name, place of work, position, email, TIN and SNILS from electronic signature files
After applying the digital signature files in the .sig files after they are decoded, you can get the metadata of the certificate that was used for the signature. This metadata contains the name, place of work, position, email, TIN, SNILS, and sometimes other information about the person.
UK based technology professional, with an interest in computer security and telecoms.