Russian retail chain ‘DNS’ (Digital Network System) disclosed yesterday that they suffered a data breach that exposed the personal information of customers and employees.
DNS is Russia’s second-largest computer and home appliance store chain, with 2,000 branches and 35,000 employees.
According to the scant details provided in the announcement, a group of hackers residing outside the Russian Federation exploited a security gap in the company’s IT systems and accessed customer and employee details.
“We have already found gaps in the protection of our information infrastructure and are working to strengthen information security in the company,” says the DNS announcement.
While the firm has not provided details on what information was compromised, it clarified that the hackers didn’t steal user passwords and payment card data, as that data isn’t stored on their systems.
DNS data leaked on hacker forum
DNS’ disclosure of a security breach comes hours after a threat actor began leaking the company’s data on a hacking forum, allegedly stolen by a hacking group known as ‘NLB Team.’
The data was allegedly stolen on September 19 and contains full names, usernames, email addresses, and phone numbers of DNS customers and employees for 16 million people.
According to SimilarWeb data, DNS-shop.ru receives approximately 81.3 million visits per month, being in the top 30 most visited sites in the country, so the alleged number of impacted individuals seems plausible.
Neither the volume of the stolen data nor the type of the information has been officially confirmed.
It is worth noting that the same person leaking DNS’ data had previously offered databases belonging to other Russian organizations, “Cherlock.ru,” a legal information portal, and “CDEK.market,” a consumer goods e-commerce platform.
Russian sites facing “insider” threats
The attack against DNS is allegedly the work of pro-Ukrainian hackers, but new reports have surfaced over the weekend that put a new threat in the frame for Russian sites.
Kyiv Post reports that hackers affiliated with the so-called “National Republican Army” (NRA), an organization uniting dissidents seeking to overthrow Putin, are launching attacks against key Russian firms.
Their first high-profile victim is allegedly “Unisoftware,” a software development firm that works closely with the Russian government, the Central Bank, and the federal tax service.
Reportedly, the attack involved the deployment of a ransomware strain to cause damage, while the group also shared some screenshots with the publication as evidence of their access.