Hacked Vehicle Owner Database For Sale

Uploaded on 2020-06-10 in TECHNOLOGY--Hackers, FREE TO VIEW, BUSINESS-Services-Transport & Travel

A database with 129 million records of car owners in Moscow is being offered for sale on a dark web forum. The seller leaked some data for potential buyers to verify its accuracy. This is anonymised and contains all the car details present in the traffic police registry the vendor claims.

The web forum also pointed out that multiple portals where people can pay these fines are leaking their full names and passport numbers by simply inputting the unique registration number of the ticket.

While the samples made public by the hacker includes vehicle details such as make and model, date of registration and place of registration, buyers of the breached database containing over 129 million data records will also be able to access personal information of car owners based in Moscow. 

According to local Russian media agencies, the complete database contains details like names, addresses, contact numbers, dates of birth, and passport numbers of Russian car owners. Anyone willing to spend 1.5 BTC (£11,416) will enjoy exclusive access to the database that is not available in normal sales. Russian business journal Vedomosti revealed that the database of Russian car owners contained information obtained from the traffic police registry and the authenticity of the database was confirmed by an employee of a car-sharing company whose vehicle details were in the database. 

It is, therefore, most likely that the hacker stole the database from Moscow traffic police's IT systems.

Even though the Russian police may have implemented some security measures, it needs to ramp up both its cyber security and stop the collection of highly confidential information which is easily accessible through a mere ticket number.
This isn't the first time that a Russian government or law enforcement agency has suffered a massive security breach. 
In July last year, FSB, Russia's largest and most powerful intelligence agency that succeeded the KGB following the dissolution of the Soviet Union, suffered the largest data breach in its history when a hacker group stole 7.5 terabytes of data from one of its largest contractors.

The massive data theft was carried out by a hacker group known as Digital Revolution that claimed to possess vast amounts of data concerning several of the FSB's covert activities. 

This apparently included data scraping from social media platforms, unearthing identities of individuals who engaged in secret communications on Tor, and creating a closed Internet for Russia.These documents were stolen by the hacker group 0v1ru$  from the servers of SyTech, one of the FSB's largest contractors. According to reports, SyTech works mostly with FSB's 16th Directorate which is responsible for signals intelligence.

While many of the stolen documents have been posted to Twitter by Digital Revolution via a series of tweets and such data can be used to not only aid in the physical robbery of vehicles but also target the owners in the cyber-world using techniques like Spearphishing.

Vedmosti:     TEISS:        Bleeping Computer:      HackRead

You Might Also Read:

Taiwan's Entire Population Database Stolen:

Personal Data Of 115m Pakistanis For Sale:

 

« Honda Hit By Ransomware
Coronavirus Tracing Apps Conflict With Privacy »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Bromium

Bromium

Bromium deliver a new technology called micro-virtualization to address the enterprise security problem and provide protection for end users against advanced malware.

SecureWorks

SecureWorks

SecureWorks provides intelligence-driven security solutions for organizations to prevent, detect, rapidly respond and predict cyberattacks.

Blue Ridge Networks

Blue Ridge Networks

Blue Ridge offers a suite of solutions that enable secure remote access to the enterprise network with protection and control of endpoints.

Chainalysis

Chainalysis

Chainalysis provides blockchain analysis software to prevent, detect and investigate cryptocurrency money laundering, fraud and compliance violations.

KeepSolid

KeepSolid

KeepSolid is a Virtual Private Network services provider offering secure encrypted access to the internet.

Cervello

Cervello

Cervello is a leading provider of comprehensive and proven solutions to protect railways against cyber attacks.

Red Alert Labs

Red Alert Labs

Red Alert Labs is an IoT security provider. We created an independent security lab with a disruptive business offer to solve the technical and commercial challenges in IoT.

S2S Group

S2S Group

S2S Group specialise in the destruction and management of IT assets at the end of the lifecycle.

X-Ways Software Technology

X-Ways Software Technology

X-Ways provide software for computer forensics, electronic discovery, data recovery, low-level data processing, and IT security.

Global Accelerator Network (GAN)

Global Accelerator Network (GAN)

Global Accelerator Network are a highly curated community of independent Accelerators, Partners and Investors.

Thrive

Thrive

Thrive delivers the experience, resources, and expertise needed to create a comprehensive cyber security plan that covers your vital data, SaaS applications, end users, and critical infrastructure.

DataPassports

DataPassports

DataPassports is a data-centric security and privacy solution that enforces privacy and security from end-to-end with transparent protection of data at the source.

Redwall Technologies

Redwall Technologies

Redwall provides cybersecurity expertise and technology to prevent and respond to emerging threats against mobile applications and connected infrastructures.

ANSEC IA

ANSEC IA

ANSEC is a consultancy practice providing independent Information Assurance and IT Security focussed services to customers throughout the UK, Ireland and internationally.

Regulativ.ai

Regulativ.ai

Regulativ.ai is an innovative and comprehensive platform, driven by AI, to address the regulatory and compliance needs of Cyber Security Regulatory compliance and reporting.

Space Hellas

Space Hellas

Space Hellas is a dynamic, established System Integrator and Value Added Solutions Provider, holding a leading position in the high technology arena.