They stole me without me – Newspaper Kommersant No. 237 (7438) of 12/21/2022

Database leaks in Russia by the end of the year became commonplace – news about them appears with enviable regularity, and company representatives and officials have developed standard schemes for public response. Best of all, perhaps, the script took root, which implies the denial of the very fact of hacking and the transfer of arrows to the leaks that happened earlier, from which “new databases were compiled”.

After the Moscow Electronic School user data was published online in mid-December, the system operator, the Moscow Department of Information Technologies, stated that “the published materials are not related to real user data,” although leak verification experts disputed this assertion (see “Kommersant” of December 13).

There was a similar reaction to the next, fifth in a row, statement by hackers about compromising the data of users of the country’s key federal IT system – Gosuslug, which is operated by the Ministry of Digital Development. This case really did not differ much from the previous ones, the names, dates of birth, TIN, mail addresses and phone numbers of citizens turned out to be on the network. The comment was not long in coming: the head of the Ministry of Digital Development, Maksut Shadayev, said that it was about “compiling data from an old leak by the Russian Post company.”

Information about users of the postal operator got into the network at the end of July, the company confirmed the fact, assuring that “the hackers failed to gain access to the entire database.” However, at that time there was a different set of information in the public domain: in addition to the full names of customers, the database contained the names of cities, postal codes, weight and status of the parcel, and other company-specific data, but there was no TIN and dates of birth, experts of the profile Telegram channel “Leaks” note. information.”

It turns out that the Ministry of Digital Development, on the one hand, pointed to the authenticity of the incident in the Russian Post (which, however, few people doubted), on the other hand, that the compilation at least enriched the database (if there really was no real drain of the State Services database ). And there is little comfort in that. After all, the more often the database is updated and supplemented, the more reliable its content becomes, say participants in the cybersecurity market.

Optimists in the industry call the very recognition of a problem the first step towards a solution. Over this year, both business and the public sector in Russia have moved from the stage of “denial” to “acceptance”, and next year the situation is to be changed by the turnover fines planned by the Ministry of Digital Development. But tough financial sanctions can also reverse the process, provoking an endless shifting of responsibility from company to company (this is how it is now on the Russian Post). After all, to prove the fact and volume of leakage is actually extremely difficult.