Posted 4 августа 2020, 10:44

Published 4 августа 2020, 10:44

Modified 24 декабря 2022, 22:37

Updated 24 декабря 2022, 22:37

Online voters' personal data leaked to the hackers

4 августа 2020, 10:44
Cyber fraudsters have figured out how to dispose with the passport data of participants in electronic voting on amendments to the Constitution that have leaked to the public. The hackers decided to monetize the information leak - to sell the data for $ 1.5 for each of more than a million records.

About 1.1 million numbers and series of passports of participants in the Internet voting on amendments to the Constitution, held from June 25 to July 1, were put up for sale on the darknet, Kommersant reports . Each line is priced at one and a half dollars, wholesale - cheaper, per dollar. The seller assures that the database is "fresh". He told the newspaper's correspondent that there is little sense from the passport numbers alone, but in conjunction with other data they can be much more useful. The seller offered to update his existing databases for a specific request - for example, add the full name, SNILS number or TIN, as well as credit history data.

As a test copy, the fraudster sent a screenshot of the combined database containing the last name, first name, patronymic, TIN and data on the citizen's registered companies. According to the seller, he was able to sell about 30 thousand lines.

As a reminder, Meduza reported on the leak of personal data from electronic voting on amendments to the Constitution. Then the journalists got access via an open link to the database file, which contained the coded passport data of the voters. We managed to decode the file and get the voter data.

Then the head of the department for the improvement of territorial management and the development of smart projects of the Moscow government, Artem Kostyrko, denied that the base could be made public. However, later "Kommersant" received a file from the seller with the passport data of the voters. The authenticity of the file was confirmed by the founder of DeviceLock Ashot Hovhannisyan.

The head of the CEC, Ella Pamfilova, explained that passport numbers by themselves "are not personal data".

- Nobody knows what information is there, the degree of reliability. Moreover, the series and numbers of passports by themselves, without reference to surnames, names, patronymics, are simply not personal data, she said.

However, IT specialists are confident that such cases are turning into a dangerous trend, but officials at the same time do not understand the importance of information security and do not attach due importance to it.

Note that the data of Russians who have become ill with coronavirus also got publicly available. Moreover, leaks from Russia accounted for more than a third of all data that got to hackers around the world.

Subscribe