Experts found 20 Million tax records for Russian citizens exposed online

Experts discovered an unprotected Elasticsearch cluster containing personally identifiable and tax information of Russian citizens exposed online.

Security experts from Comparitech along with security researcher Bob Diachenko discovered 20 million tax records belonging to Russian citizens exposed online in clear text and without protection.

The experts found an unprotected Elasticsearch cluster that was containing personally identifiable information on Russian citizens spanning from 2009 to 2016.

“A database of more than 20 million Russian tax records was found on an unsecured server, accessible to anyone with a web browser.” reads the post published by Comparitech.

“Comparitech partnered with security researcher Bob Diachenko to investigate the data exposure, which included sensitive personal and tax information. The database was taken offline after Diachenko notified the owner, who is based in Ukraine.”

The Elasticsearch database was first indexed by search engines in May 2018, Diachenko discovered it on September 17, 2019, and on September 20, 2019 it was secured.

It is not possible to determine whether anyone else accessed the exposed data before it was discovered by Diachenko. The experts also revealed that the owner based in Ukraine, but did not reveal its identity.

The cluster included multiple databases, two of them contained tax and personally identifiable information about Russian citizens, prevalently from Moscow and the surrounding area.

“The first database contained more than 14 million personal and tax records from 2010 to 2016, and the second included over 6 million from 2009 to 2015.” continues the experts.

Exposed records included the following information:

Full name
Address
Residency status
Passport number
Phone number
Tax ID number
Employer name and phone number
Tax amount

The exposed data could be used by threat actors to carry out tax scam and frauds.

“Affected individuals could be at risk of identity theft and should monitor their accounts closely. Tax fraud could also be a risk, though our team is not well-versed enough on the topic of the Russian tax system to give concrete advice.” concludes the experts.

“Potential victims should also be on the lookout for targeted phishing and other scams. Fraudsters could pose as tax officials, for example, to steal money or request additional information to aid in identity theft.”

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – Russian citizens, data leak)

[adrotate banner=”5″]

[adrotate banner=”13″]

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.