Roskomnadzor did not receive notifications from NSPK about a possible data leak

Roskomnadzor did not receive notification of the data leak from the National Payment System (NSPK, operator of the Mir payment system). A representative of the department reported this to Vedomosti.

“As of 13:00 on October 31, 2023, Roskomnadzor has not received notification of the incident from the operator,” he said.

Earlier, Vedomosti reported that the NSPK website and the Mir payment system were hacked. On the main page of the site, information appeared about a new site, which was “kindly produced by Dump Forums partners” in exchange for all personal data of clients.

A representative of the operator stated that the site is only a business card with information about the company’s activities and does not contain any confidential data, and is not related to the payment infrastructure. He emphasized that the processing of all payments and transactions through the Faster Payment System (FPS) is carried out as usual.

Experts interviewed by Vedomosti also said that the attack only affected a website that was not involved in transaction processing. They called a possible data leak unlikely.

The NSPK was created in 2014 after the introduction of Western sanctions against Russia over Crimea. The issue of Mir cards began in 2015. NSPK has also been processing all transactions for all bank cards within the country since 2015. In addition, in 2019, the operator, together with the Central Bank, launched an SBP.