OREANDA-NEWS. The hackers put up for sale a database of Moscow and Moscow region drivers registered in the region from 2006 to 2019. It contains names, dates of birth, phone numbers, VIN-codes and numbers of cars, their brands and models, as well as the year of registration. Kommersant contacted the seller of the archive.

The database, which has 50 million rows, was posted on one of the forums specializing in the implementation of information leaks. They offer to buy it for $ 800. At the same time, the seller provided a sample of records, and offered a file with data for 2020 as a bonus.

“Kommersant phoned five car owners from the sample database, they all responded by name and patronymic, one of the interlocutors confirmed that he owned the car specified in the file, but had already sold it. The rest refused to confirm the relevance of the information, ”the article says.

According to the attacker, he received access to the data from an insider in the traffic police. However, experts interviewed by the newspaper believe that the leak could have occurred at the level of regional information systems, which are integrated with the traffic police databases to issue fines for violation of parking rules.

“All data on registered vehicles and car owners are now centrally stored in the Federal Information System (FIS) of the State Traffic Safety Inspectorate. However, earlier, each regional traffic police department had its own database, where the data was shipped. Until 2020, Moscow and the Moscow Region could upload data in parallel to the FIS and to their systems, then they stopped, and now the regional systems are being decommissioned, ”the newspaper's source explained.

Ashot Hovhannisyan, the founder of the DLBI data breach intelligence and darknet monitoring service, has a different opinion: he believes that this data could have been stolen both directly from insurance companies and from their contractors, to whom the databases are transferred to “ring”.