Looking for a source of data leak – Kommersant FM


The National Credit Bureau (NBKI) has denied a major leak of its customer database. The leak was previously reported by the Telegram channel “Information Leaks”. According to its authors, passport data, phone numbers, loan amounts and other information about the bureau’s clients were made publicly available, more than 200 million lines in total. As the channel’s authors clarified, the database was published by a hacker. NBKI, for its part, denied the leak. It stated that there was no reason for this, and noted that the Telegram channel wanted to “catch a certain hype” in this way. However, the bureau admitted that the information could be real.

What data is contained in the database? And how dangerous can this be? Vladimir Ulyanov, head of the Zecurion analytical center, answered these questions for Kommersant FM: “The information contained in this database is quite universal. People’s names, passports, contact numbers, region – all this is used in many places. Therefore, based on this set of fields, it is impossible to judge the origin of the data; it is assumed that this is a fragment of the database.

But if we are talking about a case in which, as in this case, there are hundreds of thousands of contacts, then it can hardly be called a fragment; this is really a full-fledged database that is of interest, including for scammers. It may be used for unlawful purposes and cause some harm.

You should not think that this is information that can be used to take out a loan for a person. There are other scenarios, for example, the use of social engineering methods, when they call, ingratiate themselves and force a person to give out data that can be monetized.”

The data protection expert community believes that the publicly available database is most likely an amalgamation, that is, not unique data but a compilation of previously leaked data. A more detailed assessment, however, requires additional investigation. As NBKI noted, the source of the leak could be lenders and credit brokers.

According to the basic standard of the Central Bank, in order to assess a client’s solvency, such organizations must obtain information from the credit history bureau. But the bureau is not their only source. In particular, MFOs (microfinance organizations) use their own models to estimate borrowers’ income and determine their debt burden. Anton Gruntov, Security Director of the Eqvanta group of companies, considers the theory of a leak from an MFO unrealistic:

“The key point is that no financial institution, including banks that are even in the top 3, is likely to own such a volume of individual unique accounts. We are inclined to believe that this is a gluing, that is, the number of unique accounts that is stated is not the same.

Typically, such leaks are provocative in nature; their purpose is to cast doubt on the reliability of the security system of an organization and create a public outcry.

We need to understand whether these records are unique, how much data is concentrated in each of them, and then we need to figure out which organizations can aggregate this information in the same way as it is now contained in the leak.”

Meanwhile, as “Kommersant” writes, if you sum up the scale of the leaks announced since the beginning of the year, you get more than 750 million lines. That is five entries for each Russian, including the elderly and infants.



Ekaterina Vikhareva
