LAST MONTH THE ENTIRE population of Ecuador had private data leaked on to the internet. Now it's Russia's turn: it's not the entire country this time, but due to their relative population sizes, the leak is pretty much identical in size. In other words, it's bloody huge.
Comparitech and security researcher Bob Diachenko discovered a database with over 20 million Russian tax records left open on an unsecured web server. If you have a web browser - very much like the one you're looking at right now - you could have seen personal records of millions of Russians dated between 2009 and 2016, mostly based around Moscow.
Most of the databases on the server contained random or publicly sourced data, but two of them were packed full of legitimate personal and tax records: one 14 million-strong database with data from 2010 to 2016 and a smaller file with ‘just' six million records from 2009 to 2015.
The records contained names, addresses, residency statuses, passport numbers, phone numbers, Tax ID numbers, employer names and tax amounts. None of this was encrypted or required a password, of course.
The records are now offline after the site made contact with a mysterious and largely unknown Ukranian owner, but they were first indexed by search engines last May, meaning they were wide open and accessible for 16 months.
It's not clear if anybody did find the records before they were secured, but as ever with these things, Russian citizens should keep an eye on their accounts, and be on the lookout for phishing attempts or other targeted scams. With this kind of information, fraudsters could pass as a convincing tax official, or try their hand at identity theft. Be vigilant, Russians. µ
You could soon buy that ivory backscratcher on Marketplace in a few taps
Just in case you're too posh for Whole Foods
Borked butterfly mechanism is dead
AI nirvana in the cloud