The year 2024 set an anti-record for leaks of personal data of Russian citizens. Cybersecurity experts at FACCT have discovered 259 new databases of Russian companies posted on hacker forums and Telegram channels. This is 5% more than in 2023, when 246 such leaks were registered. Despite the tightening of legislation, large fines and criminal liability, businesses and government agencies do not have time to adapt to new realities.
Most often, retail companies, online stores, medical institutions and educational organizations were subject to cyber attacks. The stolen databases contained last names, first names, patronymics, dates of birth, addresses, email addresses and phone numbers of users. At the same time, most of the stolen data was distributed free of charge, since the goal of the attackers was to cause maximum damage to companies and their clients. In 2024, many public and private channels appeared on Telegram, where leaks that had previously remained private were posted. One of the largest was the publication of an archive that included 404 databases.
The scale of the problem is highlighted by data from the Solar AURA monitoring center. During the year, 898 reports of data leaks from Russians were recorded, which is double the figures for 2023. The number of rows in published databases increased year on year to 1 billion. Among them are 85 million email addresses and 237 million phone numbers. The largest number of leaks was recorded in the retail sector (248 cases), services (119), public sector (56) and educational institutions (52).
According to Roskomnadzor, in the first nine months of 2024, 110 cases of personal data leaks were registered, which is less than in the same period in 2023 (145 cases). However, these statistics only reflect incidents for which the regulator initiated investigations. It is noteworthy that in January 2024, 19 major leaks were recorded, due to which more than 510 million lines of personal data became publicly available.
On November 28, 2024, a law was passed in Russia that tightened liability for personal data leaks, including criminal liability. Fines for companies range from 5 to 15 million rubles for the first incident and up to 3% of the company’s annual turnover for repeated violations. The maximum fine amount reaches 500 million rubles. At the same time, relaxations are provided: companies that have invested at least 0.1% of their revenue in information security for three years and complied with the regulator’s requirements will be able to count on reduced fines.
Nevertheless, business, according to experts, is not ready for tougher requirements. Alexey Volkov, Vice President for Information Security at VimpelCom PJSC, said that companies will not have time to adapt to innovations until 2025. He emphasized that creating an information security system requires not only significant resources, but also a long-term change in organizational culture. “Security cannot be bought or built – it can only be nurtured“, Volkov noted.
The number of ransomware attacks in 2024 increased by 44% compared to the previous year. In 10% of cases, the attackers did not demand a ransom, but deliberately caused damage to destabilize the business. LockBit 3 Black and Mimic ransomware were used in 50% of incidents. The average ransom amount exceeded 50 million rubles, and the minimum requirements for small businesses were 100 thousand rubles. The largest number of attacks occurred on construction, pharmaceutical and IT companies.
Pro-government hacker groups, whose number grew to 27 in 2024 (up from 14 in 2023), are increasingly becoming key initiators of cyber attacks. They use methods typical of intelligence agencies and target government agencies, scientific institutes, industrial enterprises and critical infrastructure of the country. The main goals of such attacks remain espionage and sabotage.
Analysts warn that data breaches and cyber attacks will continue to rise in 2025. Threats will increase due to the development of technologies, including AI, which will begin to be used to create more sophisticated methods of hacking attacks, mass phishing and searching for vulnerabilities in information systems. Countering these challenges will require the combined efforts of business, government and experts. Only a systematic approach will prevent further reputational and financial losses.
If you notice an error, select it with the mouse and press CTRL+ENTER.