The personal data of 703 thousand employees of Russian Railways, from the CEO to the drivers, were publicly available. A few hours later, the site administrator who published the data closed access to it, but this did not prevent their further distribution. The Russian Railways announced the beginning of the inspection.
Note that according to the report for the first half of 2019, the number of employees of Russian Railways amounted to 732 thousand people, thus, in the public domain were full names, addresses, Individual insurance account number (SNILS), phones and even photos of 96% of employees.
However, the representative of Russian Railways assured that the personal data of the passengers were not stolen: “The Ticket Sales System has the protection of personal data of a high degree of reliability.”
The founder and technical director of the company DeviceLock, specializing in the prevention of data leakage from corporate computers, Ashot Hovhannisyan on Tuesday, August 27, reported in his Telegram-channel “Information Leak” and in his blog on the Habr.com that unknown posted in open access personal data of 703 thousand people. At the same time, the attackers added a note to the publication: Thanks to Russian Railways for the information provided by careful handling of personal data of its employees.”
The data of Russian Railways employees was published on the website infach[.]me under the title “Slaves of the Railways”. At the moment, the website doesn’t work. The infach[.]me domain was registered in February 2018, it allowed users to anonymously publish personal data of other people.
According to the results of the first inspection of the Russian Railways, it became known that the data of the company’s employees got into open access after hacking the system. According to one version, cybercriminals hacked servers on which the Personnel Department stored complete information about its employees, including their names, surnames, SNILS, mobile phones, tax identification number. According to another version, attackers hacked the database of the Corporate University of Russian Railways, where almost all employees study. The company said that the incident is an attempt to discredit, but its purpose is still unknown.
It should be noted that the day before also became known about the leakage of data of hundreds of Russians, presumably through the Russian System for Operative Investigative Activities (SORM), with which the security services can read the correspondence of citizens.