An alleged database belonging to “Russia Post” has been exposed, revealing sensitive information on millions of mailings and their recipients.
A new data leak raises concerns in Russia: a database containing 26,570,979 records, supposedly from “Russia Post”, has been made public. This information covers a period from December 2, 2014 to April 18, 2024 and concerns shipments from organizations and individual entrepreneurs. Compromised information includes recipient names, partially obscured telephone numbers, partial addresses, and specific shipment details such as weight, cost, and type. Selective verification confirmed the authenticity of the data, increasing concerns about its potential exploitation by malicious actors. While only a fraction of the database is publicly accessible, the implications of this leak raise questions about data privacy and security in Russia. Let’s explore the details and issues of this new leak.
A massive leak confirmed
According to initial analyses, the database in question contains sensitive information collected over nearly a decade. Here are the main elements revealed by this leak:
Recipient information: Recipients’ first and last names, telephone numbers (partially hidden) and partial addresses including postal code and region.
Shipment details: Unique postal identifiers (barcodes), shipment type, category, weight, dimensions, cost, and shipping date.
Authenticity verified: Partial verification via the official Russian Post tracking service (pochta.ru) confirmed the match between the disclosed data and actual shipments.
This database represents a valuable source of information for cybercriminals, providing opportunities for phishing, fraud or illegally targeted marketing.
26.5 million records spanning nearly 10 years of exposed mailings.
Particularities of the leak: alterations and fragments published
There is some evidence that the exposed data was manipulated before being made public. As observed in other leaks (for example that of the metro-cc.ru customer base), certain telephone numbers were deliberately modified to complicate the direct identification of individuals. However, this does not prevent the exploitation of the remaining data.
An extract of 2,128 records has been published online, giving an overview of the information available in the full database. This sample includes names, partial addresses and mailing details, providing a disturbing demonstration of the scope of this leak.
According to unconfirmed sources, the full database also contains information on senders, including organization names, tax identification numbers (INN) and associated telephone numbers. These elements show that the leak is not limited to recipients but also affects senders, thus increasing the risks of fraud or identity theft.
The risks and implications of this leak
The leaked information can be used to identify the sending and receiving habits of millions of people. This represents a major invasion of their privacy. The exposed data is a gold mine for cybercriminals and spies. It could be used for targeted scams, such as phone or text message scams, using specific information to deceive victims, but also for more advanced spying based on sender and recipient addresses, shipping dates, etc. Unscrupulous companies could exploit this information for targeted marketing campaigns without the consent of the individuals concerned, increasing the exposure of victims. Grouping the information could also make it possible to find people such as soldiers or officials from intelligence services: FSB, GRU, etc.