Experts found 20 Million tax records for Russian citizens exposed online

Experts discovered an unprotected Elasticsearch cluster containing personally identifiable and tax information of Russian citizens exposed online.

Security experts from Comparitech along with security researcher Bob Diachenko discovered 20 million tax records belonging to Russian citizens exposed online in clear text and without protection.

The experts found an unprotected Elasticsearch cluster that was containing personally identifiable information on Russian citizens spanning from 2009 to 2016.

“A database of more than 20 million Russian tax records was found on an unsecured server, accessible to anyone with a web browser.” reads the post published by Comparitech.

“Comparitech partnered with security researcher Bob Diachenko to investigate the data exposure, which included sensitive personal and tax information. The database was taken offline after Diachenko notified the owner, who is based in Ukraine.”

The Elasticsearch database was first indexed by search engines in May 2018, Diachenko discovered it on September 17, 2019, and on September 20, 2019 it was secured.

It is not possible to determine whether anyone else accessed the exposed data before it was discovered by Diachenko. The experts also revealed that the owner based in Ukraine, but did not reveal its identity.

The cluster included multiple databases, two of them contained tax and personally identifiable information about Russian citizens, prevalently from Moscow and the surrounding area.

“The first database contained more than 14 million personal and tax records from 2010 to 2016, and the second included over 6 million from 2009 to 2015.” continues the experts.

Exposed records included the following information:

• Full name
• Address
• Residency status
• Passport number
• Phone number
• Tax ID number
• Employer name and phone number
• Tax amount

The exposed data could be used by threat actors to carry out tax scam and frauds.

“Affected individuals could be at risk of identity theft and should monitor their accounts closely. Tax fraud could also be a risk, though our team is not well-versed enough on the topic of the Russian tax system to give concrete advice.” concludes the experts.

“Potential victims should also be on the lookout for targeted phishing and other scams. Fraudsters could pose as tax officials, for example, to steal money or request additional information to aid in identity theft.”

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – Russian citizens, data leak)

[adrotate banner=”5″]

[adrotate banner=”13″]