Rostelecom, Russia telecom giant, investigates leak of company data


Rostelecom, a major Russian telecommunications provider, says it’s investigating a cyberattack on one of its contractors. Hackers earlier released a batch of allegedly stolen company data.

On Tuesday, a hacker group calling itself Silent Crow published a data dump containing thousands of customer emails and phone numbers supposedly stolen from Rostelecom.

In total, the dump contains 154,000 unique email addresses and 101,000 unique phone numbers. Information provided by the hackers as evidence of a breach suggests that data was stolen on September 20th, 2024, a Telegram channel “Information Leaks” said.

ADVERTISEMENT

Soon after, the company admitted it had suffered a data leak and added that it had previously detected “information security incidents” at one of its contractors.

According to Rostelecom, the unnamed contractor is responsible for maintaining its corporate website and procurement portal. Both were reportedly targeted by hackers.

The company – which is state-owned – told TASS, a state news agency, it had already “taken measures to eliminate the identified threats.”

However, it’s doubtful these have been identified because Rostelecom also said it was still studying the published database to determine “which part of the data was compromised and whether it relates to the company” at all.

Konstancija Gasaityte profile Stefanie Paulina Okunyte justinasv
Don’t miss our latest stories on Google News

Still, Rostelecom says there was no leak of “particularly sensitive” personal data. “But we recommend that users of the resources reset their passwords and enable two-factor authentication where available,” the state company added.

The Russian Ministry of Digital Development additionally said that the breach did not impact the state services portal and that no sensitive data from the operator's subscribers had been leaked online.

Silent Crow is a pretty mysterious hacker group. Yes, it publishes leaks on Telegram but it doesn’t demand ransom from the successfully targeted companies or organizations.

ADVERTISEMENT

Earlier in January, the collective claimed responsibility for breaching Rosreestr, another Russian government agency that manages property and land records. Just a few days later, the hackers said they had breached a subsidiary of Russia’s largest private bank, Alfa-Bank.

The Russian internet regulator, Roskomnadzor, registered 135 cases of database leaks in 2024. More than 710 million records about Russian citizens were reportedly leaked.

Even Rostelecom CEO Mikhail Oseevsky said in November that, actually, the personal data of all Russians had already been leaked on the web. “If we go to the darknet, there is information consolidated by Ukrainian special services or hackers on each of us,” he told TASS.