Hackers release over 3 million personal records from Moscow public education database

Source: Meduza

NLB, a group of pro-Ukrainian hackers, has released more than three million personal records from the state-run Moscow Electronic School website — an educational platform used by Moscow public schools.

The breach was reported by Data1eaks and other data-industry Telegram channels. The compromised database, last updated in August 2021, has 17 million lines containing the users’ login credentials, full names, birth dates, SNILS numbers (similar to Social Security numbers), emails, and phone numbers.

According to Data 1 eaks, the data set contains 3,317,710 unique phone numbers. “The leak affects a huge part of Moscow population, including schoolchildren,” writes a Telegram channel whose bot offers to check whether a user’s phone number is part of the data leak.

Last September, the Russian business publication Kommersant reported that the Moscow Electronic School website was down. The site has sections for teachers, students, and parents. It hosts electronic class records, student portfolios, and other school-related data.

Moscow IT Department told TASS that “the leaked materials have no relation to actual Moscow Electronic School users and their data.” Several different users have nevertheless told Meduza that they found their personal information among the leaked data.

Follow Meduza in English on Twitter to stay up to date.