Mail.ru commented on reports of user data leakage

The personal data of Mail.ru users that were previously in the public domain are associated with a leak at the beginning of 2022 from another service, informed “Interfax” with reference to the press service of the company.

“Mail users are not in danger, the service is securely protected. The results of the audit showed that the published data is related to the leak of a third-party service at the beginning of last year, ”they said.

Information about the leak previously appeared in the Telegram channel “Information Leaks”. In total, a database with 3.5 million records containing an ID, an email address on the mail.ru, bk.ru, inbox.ru domains, etc., a phone number, a first name, a last name, and a login turned out to be open access.

Information about the leak will also be checked by Roskomnadzor, transmits TASS with reference to the press service of the department.

In mid-December, Roskomnadzor informed about the leak of more than 600 million records about Russians since the beginning of the special operation. The main source of the drains is foreign resources, they said.

On December 14, Maksut Shadayev, head of the Ministry of Digital Development, stated that the department developed draft law on turnover fines for companies for leaking users’ personal data, they can amount to up to 3% of the organization’s turnover. The Minister also called the situation with the leakage of personal data “serious” and “difficult”. January 13 Russian President Vladimir Putin instructed government until July 1 to consider introducing turnover fines for companies that have leaked personal data.

According to the amendments to the law “On Personal Data”, which came into force on September 1, 2022, in the event of a data leak, the operator is obliged to notify Roskomnadzor within 24 hours, and within 72 hours to provide the department with the results of an internal investigation indicating the reason and those responsible. persons. Currently, the maximum fine for a business for a data breach is RUB 500,000. (Article 13.11 of the Code of Administrative Offenses of the Russian Federation).