The situation is getting worse: in the first five months of this year, information leaks were recorded about 65 million users of various Russian services and companies, in the first half of June alone, 10 million citizens faced personal data leaks. Leaks along the chain lead to an increase in fraud.
At the St. Petersburg International Economic Forum, Deputy Chairman of the Board of Sberbank Stanislav Kuznetsov said that information about 80 million Russians turned out to be Russian-speaking scammers. About 500 million lines of personal data were stolen, including names, phone numbers, addresses, passport details and bank card numbers. Millions of criminals are hunting for information about citizens.
“There is a shadow Internet with a Russian-speaking segment. Russian-speaking representatives on the shadow Internet can be located in different countries of the world, we do not always know in which ones. But for this kind of cyber fraudsters today, it is Russia and Russian structures that are the target targets. And we see about a million such scammers actively working in the Russian-speaking cyberspace,” Kuznetsov said in an interview with RIA Novosti.
In 2023, the growth in the number of personal data leaks will continue, predicts Anna Kulashova, Managing Director of Kaspersky Lab.
Between January and May, hackers posted 33 percent more stolen bases than in the same period in 2022.
According to the expert, in most cases, cybercriminals manage to get hold of personal data through phishing or malicious emails. More often than not, stolen information is made available to the public rather than sold.
“We regularly conduct research, and, according to our data, (the main causes of leaks) are the exploitation of external vulnerabilities and the human factor. The latter should be considered quite broadly,” Anna Kulashova explained.
In June, the databases of trading companies were subjected to a massive attack by hackers. Gloria Jeans, a chain of clothing stores, notified Roskomnadzor of a leak of information about 3 million customers; information about 2 million customers of the Askona company got into the public domain. In addition, the online store of the Eksmo-AST publishing house Book24 and the insurance company Renaissance Insurance were attacked. Later, it became known about the leak of data of citizens registered on the culinary portal of Yulia Vysotskaya, the websites of the Leroy Merlin and Tvoye retail chains, as well as the Bukvoed bookstore. Clients of the Auchan and Your House hypermarkets were among the victims of the leaks, information about them was leaked by the same source that previously published the personal data of clients of the SberSpasibo bonus program, SberPravo and SberLogistics online platforms.
Against the background of frequent leaks of personal data, the number of cases of telephone fraud has also increased rapidly. According to representatives of Sberbank, the number of calls from criminals this year has increased from 5 to 8 million per day.
“In most cases, scammers intimidate citizens that their savings are at risk, and offer to transfer funds to a safe account that belongs to the criminals themselves,” lawyer Alexander Vostrikov explains to Octagon.
“In the last year, there has been a sharp increase in the number of attempts to deceive the elderly according to the old scheme, which was actively used back in the 1990s: under the pretext of saving a relative who allegedly had an accident or committed a crime, scammers persuade the elderly to transfer their cash savings or withdraw money from the account” .
Alexander Vostrikov | lawyer
“If the victim falls for the bait, a taxi is sent to transfer money through an unsuspecting driver. It was the taxi drivers who confused the cards for fraudsters more than once, reporting suspicious calls to the police, he continues.
According to the interlocutor, attackers take information from stolen bases. The same bases are used by annoying advertisers who pester Russians with intrusive calls offering goods and services.
– Both I and most of my clients receive advertising calls all the time, scammers periodically call. At the same time, strangers do not call on the phones of children who have never been exposed to any systems. There are only promotional offers from a mobile operator. At the same time, older people whose data is available only in Sberbank for receiving a pension (they have not registered anywhere else) receive unwanted calls regularly,” adds Vostrikov.
Information security specialist Oleg Bazhov believes that the information posted by hackers in June could have been stolen earlier. According to him, the simultaneous publication of various leaks could pursue the psychological effect of pressure within the framework of the information war. The problem is also that for leaking personal data, companies can be punished with a fine of 500 thousand rubles. For large organizations, this is quite a bit, the expert believes.
“Regular audits, vulnerability assessments and possible data leakage channels will have to pay much more. In this regard, companies are limited to formal measures such as installing antiviruses, regularly changing passwords, and the like.
Oleg Bazhov | information security specialist
– The practice of collective lawsuits from victims has not yet been formed either – people perceive the leakage of their personal data as an inevitability and cost of digitalization. Now the Ministry of Digital Development is developing amendments to the legislation, according to which fines for the leakage of personal data should increase significantly. In addition, they want to give citizens the opportunity through the “Gosuslugi” to demand compensation for leaks of personal information. The question is in what form the bill will eventually be adopted and how it will work, he concludes.
In the absence of real protection from cybercriminals, more and more citizens are trying to hide from the benefits of digital civilization. Individual parents of schoolchildren are most actively opposed to digitization, and the fears of adults are justified.
Digitizers have opened to scammers access to personal data of children
Russia has been at war with the united West for more than a year, but the transformation of the educational sphere according to the patterns of the enemy is in full swing. Many parents have previously been skeptical about electronic diaries, distance learning and other formats for using technology in the learning process. Now they are faced with a new scourge: the personal data of children collected on educational platforms falls into the hands of scammers.
Every year it becomes more and more difficult to bypass digital school services, says the mother of a sixth-grader from the Moscow region, Natalya:
– I basically do not register at the “Gosuslugakh”, I do not have access to an electronic diary, all grades for my son’s teachers put down on paper. Last academic year there was a lot of pressure from teachers to register with NES and Sferum, but then we were left alone. It will be more difficult when the deadline for passing the OGE comes, but for now it is still possible to pass exams without registering on digital portals.
“Many people look at people like me as crazy, but we just want to protect the personal data of our children until they are of age, when they can decide for themselves how to dispose of it. It is already clear that schools are uncontrollably transferring digital information about a child to third parties where it cannot be adequately protected.”
Natalia | resident of the Moscow region
During the pandemic, officials managed to drag a record number of citizens onto electronic portals, the interlocutor of the publication notes. Now people are suffering from advertising and fraudulent calls and have no control over what happens to their personal data.
– There were cases when women could not receive benefits due to the fact that they or their children were considered dead due to errors in the system. After the decision to create a biometric database at the state level, the threats only increase. It is impossible to change this data, like a phone number, and naturally, there is no hope for their reliable protection in modern realities in our country, – says Natalya.
The convenience of digital services has become increasingly questionable in recent months. Russians regularly encounter system failures, including on government portals, in medical institutions and on educational platforms. In early June, the work of polyclinics in Yekaterinburg practically stopped: doctors could not enter data into medical records, view pictures and test results of patients. In May, for several weeks, Muscovites complained about failures in the traffic police database, due to which the time for registration actions with cars increased significantly. Both metropolitan teachers and schoolchildren regularly encounter problems in the work of the MES during the academic year.