The fact that there are data from banking users Joom, which specializes in the delivery of goods from China around the world, is reported by RBC, citing its sources in the banking sector, as well as a source close to the Central Bank.
In confirmation of the words of the sources, RBC found announcements about this database published last week on specialized portals and in Telegram. And it's not even about selling - most of the data can be downloaded for free.
The Center for Monitoring and Responding to Computer Attacks in the Credit and Financial Sphere of the Bank of Russia sent messages to banks whose cards were used by clients from the database. Visa also informed the banks about the leak.
The database records contain the first six and last four digits of the card number, its expiration date, an indication of the payment system and the credit organization that issued the "plastic", the owner's full name, his phone number and e-mail address, and the address of residence.
According to a Joom spokesman, the leak occurred in March 2020, when attackers gained access to the resources of one of Joom's counterparties, with which the marketplace had already terminated its relationship. In March, the company reported a leak, but then it was only about addresses, names and contact details, and it did not mention bank card numbers. The company said that the leak affected "at least one thousand users" in Russia and Belarus, but not 55 thousand.
The database contains information about the cards of Sberbank, Rosselkhozbank, Otkritie, Raiffeisenbank, MKB, Tinkoff Bank, Rosbank, Post Bank, Qiwi Bank, Absolut Bank, Ak Barsa, Promsvyazbank, Citibank, Unicredit Bank, banks Saint Petersburg, Uralsib, Zenit, Renaissance Credit and others - both Russian and foreign banks.
Let us recall that last year about 68% of Russian banks faced regular data breaches. Moreover, in most cases, the employees of credit institutions themselves were to blame for these leaks.
As for cybercrime in general, the losses of the Russian economy as a result of the actions of hackers are predicted next year at the level of seven trillion rubles.