December 2, 2023

A cybersecurity incident targeted Rosgosstrakh (Росгосстрах), Russia’s second-largest insurance company after SOGAZ, successfully exfiltrated a substantial amount of customer and sensitive financial data.

The individual goes by Apathy has announced the sale of data in the dark web. The Rosgosstrakh data has emerged on well-known Breach Forums, with a price tag set at $50,000 in Bitcoin for the extensive collection of information


The compromised data includes investment and life insurance department records dating back to 2010. The breach, which has put approximately 3 million bank statements at risk, has also compromised data on 730,000 individuals, with approximately 80,000 individuals’ Russian Social Security Numbers (SNILS) and 45,000 individuals’ complete bank routing information now in jeopardy.

The breach also includes access to all life insurance policies and contracts, as well as associated attachments such as passports and scanned documents of public officials or their immediate relatives.

The threat actor intends to offer prospective buyers a full buyout by providing complete access to Rosgosstrakh’s internal Web UI.

Another individual has obtained a portion of the data from the hacker is Maia Arson Crimew, a Swiss security researcher and hacker. He disclosed acquiring an extensive 22GB of JSON data in plain-text format. The complete database comprises a staggering 400GB of data.


He revealed uncovering information attributed to three GRU agents that contained comprehensive details about the agents, featuring their full names, dates of birth, phone numbers, email addresses, passport numbers, and specifics related to insurance coverage, particularly life insurance information.

Rosgosstrakh data breach is a serious incident that has exposed the personal and financial information of a large number of individuals and could have implications for the Russian government. The fact that the data includes information on Russian military intelligence agents could be used by foreign governments to gain an advantage over Russia.

1 thought on “Russia Rosgosstrakh Data Breach

Leave a Reply

%d bloggers like this: