Journalists of the Kommersant publication found that 1.3 million Russian customers of the cosmetics company Oriflame are selling scans of passports at the hacker forum RaidForums. At the end of last week, the company did report that on July 31 and August 1, it was subjected to a series of cyberattacks, and hackers gained unauthorized access to its information systems.
“Attackers could have obtained illegal access to personal data of some brand partners, such as copies of IDs. Data such as your bank account number, phone numbers and passwords were not affected by this attack. Commercial operations were not affected either, ”said Oriflame.
The company admitted that the clients suffered not only from Russia but also from other CIS countries and Asia. It was reported that after the attacks, Oriflame has strengthened security measures and is now investigating the incident with the participation of law enforcement agencies.
Interestingly, the same seller on RaidForums previously posted scans of documents of Oriflame clients in Georgia and Kazakhstan and stated that he had data from system participants from 14 countries in his hands. Because of this, some experts believe that the attack came from overseas.
“Probably, the company refused to buy data from cybercriminals, so now they are being made public,” Ashot Hovhannisyan, founder of the DLBI data leak intelligence service, told reporters.
Interlocutors of the publication say that such a database of 1.3 million copies of passport scans can cost hundreds of thousands of dollars. After all, using fake documents, you can take a microloan, register a domain, SIM card or wallet of payment systems. “A high-quality copy of a real passport is the starting point [in many] fraudulent schemes,” the experts emphasize.
Catch up on more stories here
Follow us on Facebook here