‘All brakes are off’: Russia’s attempt to rein in illicit market for leaked data backfires | Russia
Russia is scrambling to rein in the country’s expanding illicit personal data market, a murky ecosystem long exploited by investigative journalists, police and criminal groups.
For more than a decade, Russia’s so-called likely The market – a term derived from the verb “to punch” or “to punch the search bar” – operates as a parallel information economy built on a network of corrupt officials, traffic police, bank employees, and low-level security personnel willing to sell access to restricted government or corporate databases.
While leaked databases are ubiquitous, their scale and routine use likely is uniquely Russian. It emerged from the country’s deeply corrupt state infrastructure and has become indispensable both to those who seek to exploit the system and to those who seek to expose it.
Buyers can obtain passport numbers, home addresses, travel history, car registrations and internal police records, sometimes for as little as $10. At a higher level, all files related to individuals can be purchased, including metadata about calls and movements.
PossibilityThe document, whose use remains controversial among Russian journalists, has supported high-profile investigations, including tracing the FSB state security unit behind the poisoning of Alexei Navalny.
This also served the police and security services, who routinely used the black market to track activists, dissidents, and anyone outside the state’s eye.
Investigative journalist Andrei Zakharov said: “This is one of the paradoxes of modern Russia: on the one hand, these services are based on illegal and leaked data, on the other hand, they are much more suitable for daily police work than numerous official departmental databases.” published a book about likely.
But as the war in Ukraine enters its fourth year, the Kremlin likely less as a tolerated convenience and more as a threat.
While phone fraud organizations were using leaked data on an industrial scale, Ukrainian intelligence had learned to exploit the country’s porous information environment to identify and assassinate military officials inside Russia.
In his annual phone call to the country last year, President Vladimir Putin admitted that a close friend had been the victim of a phone scam.
Zakharov said this incident was the signal for security services to begin sealing off the area. likely Sunday. Last year, Putin signed laws that toughen penalties for data leaks and impose a prison sentence of up to 10 years for accessing or distributing such information.
Security services also launched an aggressive search. likely operators are detaining many brokers and targeting the infrastructure they rely on. Among the most notable arrests was the team behind Usersbox, one of the most widely used and cheapest services.
But the Kremlin’s war continues likely This had the opposite effect, Zakharov said. Many leading likely operators and brokers took their business abroad, where they were much less restricted by informal agreements with security services or fear of immediate arrest.
“Previously, they were still working with the security services or they would think twice before publishing something extremely sensitive. Now all the brakes are off,” Zakharov said. “They’re dropping sensitive leaks, one after another.”
Zakharov referred to the massive FSB database known as Kordon-2023, which was leaked online last year and contains details of people who crossed Russian borders between 2014 and 2023. Zakharov described it as one of the biggest and most important leaks to date.
Well-known services such as Himera, which has been known to cooperate with authorities, have changed course: the group said it has cut off law enforcement access and relocated all of its staff.
Ukrainian hackers also participated. Since Russia’s large-scale invasion, pro-Ukrainian hackers and other intelligence groups have repeatedly breached Russian state and business systems, stealing data and openly publishing it; often free of charge and largely for ideological reasons.
Last year, Ukrainian hacker group KibOrg published online a database of customers of Alfa Bank, Russia’s largest private commercial bank.
The leak allegedly included personal data of approximately 24 million individuals and more than 13 million organizations.
“Taken together, it has never been easier to find private Russian data on the market,” Zakharov said.
