[BreachExchange] Data breach at Russian ISP impacts 8.7 million customers

[Destry Winant]

https://www.zdnet.com/article/data-breach-at-russian-isp-impacts-8-7-million-customers/

The data of 8.7 million customers from Russian internet service
provider Beeline is being sold and shared online, Russian media
reported today.

The data contains personal details such as full names, addresses, and
mobile and home phone numbers.

Beeline, a Russian telecommunications company with clients in Russia,
all of Asia, and Australia, admitted to the breach.

Speaking to Russian news agency Kommersant, which first reported the
security incident, the ISP said the breach happened in 2017 and that
they found the persons responsible at the time, although they never
made the hack public.

The Russian telco said the data only included details on Russian
customers who signed up for home broadband connections, before
November 2016.

The vast majority of the leaked data was from users who are not
Beeline customers anymore, the company said. Customers in Australia,
New Zeeland, Kazahstan, Armenia, or other countries where the ISP has
a presence, were not impacted.

Beeline has more than 50 million subscribers in Russia but said that
only 3 million are broadband customers, with the bulk being mobile
subscribers.

Kommersant said it learned of the breach from a source in the banking
security sector. The data was being shared online, including on
Telegram channels.

This is the second major data breach impacting a Russian company the
newspaper reported this month. Last week, Kommersant said it found an
online ad selling the personal and card details of more than 60
million customers from Sberbank, one of Russia's largest banks.