Data breaches are occurring regularly as cybercriminals are targeting companies all over the world. Even reputable brands have fallen victim such as Starbucks and U-Haul. Now, Russian retail chain DNS (Digital Network System) joins the latter as the latest company to be breached.
DNS is one of the biggest retail chains in Russia. To be exact, it’s the second-largest computer and home appliance store chain. In other words, a breach within its systems can do a lot of damage.
Apparently, a small security gap was exploited by threat actors residing outside the Russian Federation, which allowed them access to customer and employee details. What is this breach all about? How big is it? Find out in the following article.
The DNS Breach – 16 Million Users Exposed
When a certain company is breached, a lot of customers/employees can be affected by what the hacker does with the stolen data.
For example, if the information contains email addresses and phone numbers, threat actors can take advantage of that and launch a new phishing campaign.
Unfortunately, that’s exactly what’s included in this breach. The threat actors provided the data on BreachForums stating that the attack occurred on September 19.
Not only that, but they also claimed that the stolen data contains full names, usernames, email addresses, and phone numbers of DNS customers and employees. In total, more than 16 million people were affected by the breach.
The company did not disclose the breach on the spot. Instead, it only did that hours after the threat actor began leaking the company’s data on a hacking forum. Here’s their statement:
“We have already found gaps in the protection of our information infrastructure and are working to strengthen information security in the company.”
DNS also stated that the cybercriminals behind this might be associated with the hacking group “NLB Team.” It’s not known how big of an impact this breach has, but due to the fact that DNS-shop.ru receives approximately 81.3 million visits per month (The top 30 most visited websites), we assume it’s big.
However, as stated by the company, no user passwords and payment card data were affected as such information isn’t stored on their systems.
Russian Companies Under Siege
Apparently, the person behind the attack has previous accomplishments targeting Russian organizations in the past. These include “Cherlock.ru,” a legal information portal, and “CDEK.market,” a consumer goods e-commerce platform.
If you’re a DNS customer, we highly recommend you change all your passwords. Moreover, stay vigilant with every email you receive. The threat actors might use the stolen data to target you with phishing campaigns.