Free Navalny user data exposed online

Unknown hackers are sending to users registered on the site “Free Navalny” an archive containing their email addresses. Several Telegram channels report this.

The database contains 529,570 address rows registered between March 23 and April 1. The hackers claim that “70% are bots, but there are real people”.

Data: Telegram channel “Information Leaks”.

According to the Telegram channel “Information Leaks”, 447,880 records have a date of registration on the site.

Several journalists from Open Media who registered on the site discovered their own email addresses in the database.

There they found addresses on domains belonging to government bodies, including the Presidential Administration’s Press Service and Information, the press offices of the Interior Ministry, “United Russia”, the Federal Tax Service, and the government of Chechnya. However the addresses of state bodies were not confirmed by the senders.

In the Navalny team, the leak was confirmed.

“We see that this is a database that we use for sending messages to email addresses. For sending messages we use third-party services, in this case mailgun.com. This is exclusively a database of email addresses, without surnames, first names or any identifying data”, said Ivan Zhdanov, director of FBK.

He noted that the leak does not threaten users in any way:

“The biggest misdeed that criminals can commit is to send you an unpleasant email, which will probably end up in spam.”

The Navalny team is conducting an investigation and has asked Mailgun for information about handling the database.

“This has happened for the first time. We will do everything to ensure that such a situation does not happen again. Mistakes and blunders are always hard to admit. They happen even in our work. We will all openly acknowledge and tell you the results of the investigation”, added Volkov.

Update (19 April, 09:45 MSK): Leonid Volkov, head of Navalny’s campaign headquarters network, attributed the leak to actions by a former employee of their team. He did not name the person or their position.

“As always, 99% of hacker attacks occur through an insider, through a “rat”. We had a former employee with access who could download the server’s email logs,” he said.

Update (15:53 MSK): Currently available are two Excel files, with additional personal information of users:

• 112,469 rows containing full names, dates of birth, home addresses, gender, phones, places of work and study;
• 52,709 rows containing first and last names and phone numbers.

Data: Telegram channel “Information Leaks”.

ForkLog previously reported that salary records of Paxful employees were exposed to the public. Later Paxful CEO Ray Youssef said that the leaked data is long outdated and not in use. Funds and personal information of Paxful users are safe.

Subscribe to ForkLog’s news on Telegram: ForkLog Feed — full news feed, ForkLog — the most important news, infographics and opinions.