Why information about personal data leaks no longer causes panic

On March 13, Russian Telegram channels began to spread information about a data leak from the National Bureau of Credit Histories (NBKI) – more than 200 million lines with applications for loans. 500 thousand lines were made publicly available, in which full name, date of birth, place of residence, telephone number, loan amount, etc. The NBKI assured that the information posted in the public domain has nothing to do with the bureau and, “most likely, it was received from some microfinance organization.”

At the beginning of March, bloggers discussed another similar leak, from the Seimer IFC – 16 million records of platform clients. Seimer representatives claimed that there was no hacking. Sources in the financial market said that “if there was a leak, it was from the IFC supplier company.” At the beginning of January, news appeared about a leak of 38 million records from Alfa Bank, which the bank, naturally, denied.

It happens that the state also announces huge leaks – in mid-February, Roskomnadzor reported the compromise of 500 million records, the traces of which in reality none of the relevant specialists could find.

However, if you add up the scale of announced leaks since the beginning of the year, you get more than 750 million lines. This is five entries for each Russian, including the elderly and infants. Why information about leaks of hundreds of millions of personal data no longer causes panic, despite the fact that, according to VTsIOM, more than two-thirds of Russians who use the Internet (68%) fear for the safety of their personal data is easy to understand from the statistics of the Central Bank and Roskomnadzor. According to the latter, 4 major leaks were recorded in 2021, in 2022 – 140 (+3500%), in 2023 – 168 (+20%), while according to the department, 600 million records were leaked in 2022, and 2023 – 300 million. How this affected the theft of citizens’ funds from banks can be seen from the Central Bank data: in 2022, the increase in stolen funds compared to 2021 was 4.29%, and in 2023 compared to 2022 – 11.48% . That is, no way. And there is a completely logical explanation for this: according to banks, up to 80% of funds from citizens are stolen by the method of social engineering, and everything that could have leaked about each of us, suitable for social engineers, has already leaked. Citizens are accustomed to treating social engineering like mosquitoes: they exist and this fact cannot be changed; if you don’t want to meet them, don’t go to the swamp or take repellent with you.

The biggest beneficiaries of news about high-profile leaks are now the various government bodies, from deputies to ministerial officials. Some may rightfully show concern for the population by coming up with another bill to protect them, while others may increase fines for companies or strengthen their regulation.