Over 20 Million Unprotected Russian Tax Records Discovered Online


Researchers from Comparitech, information security- and privacy-focused company, have discovered an Elasticsearch database holding more than 20 million Russian tax records on an unsecured web server. According to a report from The Inquirer, the personal details span between 2009 and 2016, with most victims appearing to be from and around Moscow.

“The cluster contained multiple databases. Some seemed to contain mostly random and publicly sourced data,” Comparitech wrote on a post published on Monday, Oct 1.


Unprotected Russian Tax Records

“Two databases, however, included tax and personally identifiable information about Russian citizens. Most of those citizens appear to be from Moscow and the surrounding area. The first database contained more than 14 million personal and tax records from 2010 to 2016, and the second included over 6 million from 2009 to 2015.”

Among the personal details found in the cluster include full name, address, residency status, passport number, mobile number, tax ID number, employer name and phone number, and tax amount of over 20 million Russians.


According to the post, the Elasticsearch database was first indexed by search engines in May 2018. Over a year later, security researcher Bob Diachenko found the leaked records and immediately notified the owner on September 20, the database is no longer publicly accessible. This makes the database open and accessible for about 16 months.

“We cannot determine whether anyone else accessed the data while it was exposed. The owner, who we only know is based in Ukraine, did not respond to our emails,” Comparitech explained.

The company also warned about the possible risks that come with the information leaked, saying that affected individuals are vulnerable to identity theft and tax fraud.

“Potential victims should also be on the lookout for targeted phishing and other scams. Fraudsters could pose as tax officials, for example, to steal money or request additional information to aid in identity theft,” it added.

The recent discovery is an addition to the list of countries that have experienced massive data breaches affecting their citizens.

In September this year, vpnMentor, another privacy, and security firm have uncovered a database containing personal information of 20.8 million Ecuadorians, exposing the details of potentially every person in the country.

Once data has been exposed to the world, it can’t be undone. The database is now closed, but the information may already be in the hands of malicious parties,” warned the vpnMentor report.