Security experts from Comparitech along with security researcher Bob Diachenko discovered 20 million tax records belonging to Russian citizens exposed online in clear text and without protection.
The experts found an unprotected Elasticsearch cluster that was containing personally identifiable information on Russian citizens spanning from 2009 to 2016.
“A database of more than 20 million Russian tax records was found on an unsecured server, accessible to anyone with a web browser.” reads the post published by Comparitech
The Elasticsearch database was first indexed by search engines in May 2018, Diachenko discovered it on September 17, 2019, and on September 20, 2019 it was secured.
It is not possible to determine whether anyone else accessed the exposed data before it was discovered by Diachenko. The experts also revealed that the owner based in Ukraine, but did not reveal its identity.
The cluster included multiple databases, two of them contained tax and personally identifiable information about Russian citizens, prevalently from Moscow and the surrounding area.
“The first database contained more than 14 million personal and tax records from 2010 to 2016, and the second included over 6 million from 2009 to 2015.” continues the experts.
Exposed records included the following information:
The exposed data could be used by threat actors to carry out tax scam and frauds.
“Affected individuals could be at risk of identity theft and should monitor their accounts closely. Tax fraud could also be a risk, though our team is not well-versed enough on the topic of the Russian tax system to give concrete advice.” concludes the experts.
“Potential victims should also be on the lookout for targeted phishing and other scams. Fraudsters could pose as tax officials, for example, to steal money or request additional information to aid in identity theft.”