A major Russian telecommunications provider, Rostelecom, said that it is investigating a suspected cyberattack on one of its contractors after hackers claimed to have leaked the company’s data.
Earlier on Tuesday, the hacker group, which calls itself Silent Crow, published a data dump containing thousands of customer emails and phone numbers allegedly stolen from Rostelecom.
The company stated that the contractor is responsible for maintaining Rostelecom’s corporate website and procurement portal, both of which were reportedly targeted by hackers.
“We’re currently reviewing the database to determine which data was compromised and whether it’s related to the company,” Rostelecom said in a comment to state-owned media. “Based on initial findings, it appears that there wasn’t any leak of highly sensitive personal data.”
However, as a precaution, the company advised users of the allegedly hacked websites to reset their passwords and enable two-factor authentication.
In response to the incident, the Russian Ministry of Digital Development stated that the breach did not impact the state services portal and that no sensitive data from the operator’s subscribers had been leaked online.
Silent Crow has unclear origins and motives. It publishes leaks on a private Russian-language Telegram channel, but without demanding ransoms from victims. Earlier in January, the group claimed responsibility for breaching a Russian government agency, Rosreestr, which manages property and land records. The agency denied the hack but confirmed it is investigating the group’s claims.
The hackers later claimed to have breached a subsidiary of Russia’s largest private bank, Alfa-Bank, which specializes in life and health insurance as well as a loyalty program for the bank’s business customers. Alfa-Bank has not commented on these claims.
The cyberattack on Rostelecom is one of the latest against prominent Russian organizations in recent weeks.
Earlier this month, Russia’s main electronic trading platform for government and corporate procurement, Roseltorg, confirmed its systems had been breached by an unknown pro-Ukraine hacker group called Yellow Drift.
Another hacker group, the Ukrainian Cyber Alliance, also claimed responsibility for an attack on the Russian internet provider Nodex, stating that it had destroyed the company’s infrastructure overnight. Nodex confirmed the attack.
A Ukrainian hacker group called Cyber Anarchy Squad announced it had attacked the Russian tech company Infobis, which develops systems for planning, monitoring, and accounting agricultural work. The hackers claimed to have exfiltrated three terabytes of information and destroyed part of the company’s infrastructure.
Russian businesses and state agencies are becoming increasingly aware of cybersecurity dangers that they face.. The local internet regulator, Roskomnadzor, registered 135 cases of database leaks in 2024, containing more than 710 million records about Russian citizens.
Last November, Rostelecom’s president, Mikhail Oseyevsky, stated that the personal data of all Russians had already leaked online. “If we go into the dark web, there is consolidated information about each of us,” he said.
Recorded Future
Intelligence Cloud.
No previous article
No new articles
Daryna Antoniuk
is a reporter for Recorded Future News based in Ukraine. She writes about cybersecurity startups, cyberattacks in Eastern Europe and the state of the cyberwar between Ukraine and Russia. She previously was a tech reporter for Forbes Ukraine. Her work has also been published at Sifted, The Kyiv Independent and The Kyiv Post.
