Hackers reportedly sell the personal data of more than one million Russians who voted electronically using blockchain technology during the country’s recent constitutional amendment referendum.
Hackers in Russia took over voter data?
More than 1.1 million data was reportedly stolen and put up for sale on internet forums for $ 1.50 per 1 pc. The Russian newspaper wrote about the case Kommersant. The data, consisting only of passport numbers, is of little value in itself, they gave Kommersant to anonymous sellers. However, such data can be used for phishing attacks if it is combined with information from other leaked databases.
Reportedly, the data was leaked due to a flawed online voting system of the Moscow Department of Information Technology. This, however, rejects the accusations.
“The Department regularly monitors the Internet for the publication of such data, including on the darknet. The database mentioned in the publication has nothing to do with the list of voters who registered to vote online “
– wrote the press office of the department, adding that the information on the servers of the Moscow City Hall was properly protected and “There were no leaks [danych]”.
The aforementioned online vote was part of a nationwide referendum devoted to changes to the Russian constitution, including they will now enable Vladimir Putin to rule Russia for the next several years.
The online voting system, based on the open-source Exonum blockchain from Bitfury and built with Kaspersky Lab, was reportedly poorly prepared to protect data. The problem was not with the blockchain, but with the accompanying software. The media wrote that journalists were able, for example, to decode the voices of citizens, as well as learn the numbers of their passports from a poorly protected file published on the Internet by the authorities.
The voting took place in the last week of June and ended on July 1.
On Tuesday, in the post to your blog, politician Artem Kostyrko wrote that the screenshot provided by the data vendor was compared with the voter database and the information contained therein is not consistent with that of voters. However, according to the founder of cybersecurity company DeviceLock, Ashot Oganesyan, the database was genuine and has been on sale online for some time.