Hacked Vehicle Owner Database For Sale

A database with 129 million records of car owners in Moscow is being offered for sale on a dark web forum. The seller leaked some data for potential buyers to verify its accuracy. This is anonymised and contains all the car details present in the traffic police registry the vendor claims.

The web forum also pointed out that multiple portals where people can pay these fines are leaking their full names and passport numbers by simply inputting the unique registration number of the ticket.

While the samples made public by the hacker includes vehicle details such as make and model, date of registration and place of registration, buyers of the breached database containing over 129 million data records will also be able to access personal information of car owners based in Moscow. 

According to local Russian media agencies, the complete database contains details like names, addresses, contact numbers, dates of birth, and passport numbers of Russian car owners. Anyone willing to spend 1.5 BTC (£11,416) will enjoy exclusive access to the database that is not available in normal sales. Russian business journal Vedomosti revealed that the database of Russian car owners contained information obtained from the traffic police registry and the authenticity of the database was confirmed by an employee of a car-sharing company whose vehicle details were in the database. 

It is, therefore, most likely that the hacker stole the database from Moscow traffic police's IT systems.

Even though the Russian police may have implemented some security measures, it needs to ramp up both its cyber security and stop the collection of highly confidential information which is easily accessible through a mere ticket number.
This isn't the first time that a Russian government or law enforcement agency has suffered a massive security breach. 
In July last year, FSB, Russia's largest and most powerful intelligence agency that succeeded the KGB following the dissolution of the Soviet Union, suffered the largest data breach in its history when a hacker group stole 7.5 terabytes of data from one of its largest contractors.

The massive data theft was carried out by a hacker group known as Digital Revolution that claimed to possess vast amounts of data concerning several of the FSB's covert activities. 

This apparently included data scraping from social media platforms, unearthing identities of individuals who engaged in secret communications on Tor, and creating a closed Internet for Russia.These documents were stolen by the hacker group 0v1ru$  from the servers of SyTech, one of the FSB's largest contractors. According to reports, SyTech works mostly with FSB's 16th Directorate which is responsible for signals intelligence.

While many of the stolen documents have been posted to Twitter by Digital Revolution via a series of tweets and such data can be used to not only aid in the physical robbery of vehicles but also target the owners in the cyber-world using techniques like Spearphishing.

Vedmosti:     TEISS:        Bleeping Computer:      HackRead

You Might Also Read:

Taiwan's Entire Population Database Stolen:

Personal Data Of 115m Pakistanis For Sale:

 

« Honda Hit By Ransomware
Coronavirus Tracing Apps Conflict With Privacy »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

CloudPassage

CloudPassage

CloudPassage, a cloud security and compliance pioneer, safeguards cloud infrastructure for the world’s best-recognized brands.

Emerson Electric Co

Emerson Electric Co

Emerson provides industrial automation systems and associated cybersecurity solutions to protect critical process control systems from cyber attack.

Infosistem

Infosistem

Infosistem is a Croatian ICT company with extensive expertise and experience in enterprise and SMB ICT projects and solutions.

Ultratec

Ultratec

Ultratec provide a range of data centric services and solutions including data recovery, data erasure, data destruction and full IT Asset Disposal (ITAD).

Injazat

Injazat

Injazat Data Systems is an industry recognized market leader in the Gulf region for Information Technology, Data Center and Managed Services.

SyferLock Technology Corp.

SyferLock Technology Corp.

SyferLock is an innovative provider of next-generation authentication and security solutions.

HARMAN International

HARMAN International

HARMAN designs and engineers connected products and solutions for automakers, consumers, and enterprises worldwide.

Cyber Skyline

Cyber Skyline

Cyber Skyline is a revolutionary cloud platform to practice, develop, and measure your team's technical cybersecurity skills.

Digital Element

Digital Element

Digital Element is a global IP geolocation and intelligence leader with unrivaled expertise in leveraging IP address insights to deliver new value to companies.

CoreStack

CoreStack

CoreStack helps enterprises overcome cloud challenges such as ever growing security risks, stringent regulatory compliance needs and operational complexities.

BAE Systems

BAE Systems

BAE Systems develop, engineer, manufacture, and support products and systems to deliver military capability, protect national security, and keep critical information and infrastructure secure.

National Cybersecurity Alliance

National Cybersecurity Alliance

The National Cybersecurity Alliance is a non-profit organization on a mission to create a more secure, interconnected world.

Pangu Laboratory

Pangu Laboratory

Beijing Qi an Pangu Laboratory Technology Co., Ltd. was established on the basis of Pangu laboratory, a well-known cyber security team.

Blockfence

Blockfence

Blockfence are a seasoned crew versed in enterprise-grade cybersecurity and crypto, on a mission to collaboratively shape the future of Web3 security.

Hummingbird International

Hummingbird International

Hummingbird International, LLC offers services for the collection, audit, computer recycling and safe disposal of laptops, monitor/LCD, hard drives, and IT disposal.

Prowler

Prowler

Prowler is at the forefront of the Open Cloud Security movement, championing a new era of transparency, customizability, and community-driven security for cloud environments.