A hacker is attempting to sell on a dark web forum a database containing 129 million records of car owners in Moscow.
As a proof of the authenticity of the data, the hacker has leaked some anonymized data containing all the car details present in the traffic police registry.
The archive doesn’t include car owners’ details, exposed data includes the car’s make and model, place of registration, and the date of first and last registration.
The seller is offering the full version of the database for 0.3 BTC, which at the current rate is about $ 2677, paying 1.5 BTC ($ 13.386) it is possible to purchase information for “exclusive use.”
The accuracy of the data has been verified by Vedomosti media.
“Hackers posted a darknet database of Russian car owners, it includes 129 million positions from the traffic police registry. The authenticity of the information was confirmed by an employee of the car-sharing company, Vedomosti reports.” reads the website rbc.ru. “
“In the published data there is only anonymized information. These include: place and date of registration of the car, make and model. According to hackers, the full version also contains the name, address, date of birth, passport numbers of car owners and their contact information.”
According to the Russian blog Nora the Hedgehog, several portals where people can pay fines for violating COVID-19 quarantine are leaking their full names and passport numbers by simply providing the registration number of the ticket.
The worst news is that the portals don’t implement any protection against brute-force attacks, allowing attackers to try all the possible combinations of unique ticket numbers to retrieve personal details of the people that paid the fines.
[adrotate banner=”9″] | [adrotate banner=”12″] |
(SecurityAffairs – dark web, hacking)
[adrotate banner=”5″]
[adrotate banner=”13″]
A former U.S. NSA employee has been sentenced to nearly 22 years in prison for…
A new malware named Cuttlefish targets enterprise-grade and small office/home office (SOHO) routers to harvest…
A flaw in the R programming language enables the execution of arbitrary code when parsing…
The China-linked threat actors Muddling Meerkat are manipulating DNS to probe networks globally since 2019.…
Finnish hacker was sentenced to more than six years in prison for hacking into an…
The US government’s cybersecurity agency CISA published a series of guidelines to protect critical infrastructure…
This website uses cookies.