The Russian Visa Center is an organization that helps Americans to obtain Russian Visa, this morning the white hat hacker Kapustkiy informed me that he broke into the database its website and accessed data of around 3000 individuals.
Kapustkiy told me to have exploited a SQL Injection in the website, he hacked the website on Friday.
“I used SQL Injection to gain access” said Kapustkiy.
He shared with me the records as proof of the hack, the leaked information include data about individuals that obtained the Russian Visa.
The Russian Visa Center is part of Invisa Logistic Services, it has five offices in the US where people can receive assistance in getting a Russian visa.
The records include their full names, emails, phone numbers, birthday and other information. The archive also includes data of the staff, such as full names, usernames, encrypted passwords, permissions and other information.
Kapustkiy will not make public the accessed data because the database contains sensitive information,
The young hacker contacted the Russian Visa Center but hasn’t received any response, he also reported the issue to the US-CERT.
The young hacker is very active, a few days ago he announced the hack of website of the Costa Rica Embassy in China and the data breach of the Slovak Chamber of Commerce (www.scci.sk) that affected more than 4,000 user records.
Recently Kapustkiy targeted several organizations, including the Consular Department of the Embassy of the Russian Federation, the Argentinian Ministry of Industry, the National Assembly of Ecuador, the Venezuela Army, the High Commission of Ghana & Fiji in India, the India Regional Council as well as organizations and embassies across the world.
He also broke into the ‘Dipartimento dellaFunzione Pubblica’ Office of the Italian Government, the Paraguay Embassy of Taiwan (www.embapartwroc.com.tw), and the Indian Embassies in Switzerland, Mali, Romania, Italy, Malawi, and Libya.
(Security Affairs – Kapustkiy, Russian Visa Center)