The cost of a bank “breakdown” in the darknet:
Sberbank. Account statement/card of an individual. For a month – from 12 thousand to 15 thousand rubles, for six months – from 30 thousand to 35 thousand rubles.
Promsvyazbank. Account statement/card of an individual. For a month – from 5 thousand rubles, for six months – from 14 thousand rubles.
Gazprombank. An individual’s account/ card statement for a month – from 12 thousand rubles.
Rosselkhoznadzor. An individual’s account/ card statement for a month – from 11 thousand rubles.
In the first quarter of 2020, A.Oganesyan’s analysts discovered more than 100 unprotected databases (databases) in Russia using the DLBI automated system: MongoDB, Elasticsearch, Amazon AWS repositories as part of the ethical investigation of data vulnerabilities. More than 40 databases have been identified on the black market.
Server vulnerabilities and available databases for January-April 2020:
January: An open Elasticsearch server was discovered with data from the Moscow Cargo air freight and mail service operator.
February: an open Elasticsearch server of the Boxberry delivery service was discovered, which contained information on shipments for December 2019 (more than 100 thousand lines).
March: a freely available Elasticsearch server with information from the Premium Bonus system was discovered – personal data of customers of restaurants in Moscow, St. Petersburg, Kazan and other Russian cities.
April: the customer database of the Russian retail chains “K-Ruoka” and “K-Rauta” was discovered. The database contains more than 970 thousand lines with customer data, including full name, date of birth, phone, email, city and area of residence, number of people in the family and data on participation in loyalty systems.