What happened in the Cdek data breach?
Twingate Team
•
May 3, 2024
In March 2022, Russian courier service CDEK experienced a data breach allegedly carried out by a collective called IT Army. The breach involved a large amount of data, including email addresses, names, and phone numbers. However, the authenticity of the breach could not be independently verified and has been flagged as unverified.
How many accounts were compromised?
The breach impacted data related to approximately 19.2 million individuals.
What data was leaked?
The data exposed in the breach consisted of email addresses, names, and phone numbers of the affected individuals.
How was Cdek hacked?
In early 2022, the IT Army collective, aiming to completely de-anonymise most Russian users by leaking hundreds of gigabytes of databases, published over 30GB of data allegedly sourced from Russian courier service CDEK. The breach exposed over 19 million unique email addresses, names, and phone numbers.
Cdek's solution
In response to the data breach, CDEK took several measures to secure its platform and prevent future incidents. Although specific details are not available, it is likely that the company removed any malware and backdoors used by the attackers, enhanced security protocols, and collaborated with cybersecurity experts for a thorough investigation. Additionally, CDEK may have notified affected customers and encouraged them to take precautions, such as changing their passwords and being vigilant about sharing personal information.
How do I know if I was affected?
CDEK has not publicly disclosed whether they reached out to affected users. If you believe you may have been affected by the breach and haven't received a notification, you can visit Have I Been Pwned to check your credentials.
What should affected users do?
In general, affected users should:
Change Your Password: Immediately update your password for the breached account. Make sure the new password is strong and unique, not previously used on any other platform.
Reset Passwords for Other Accounts: If you've used the same or similar passwords for other online accounts, reset those as well. This is crucial as attackers often try using stolen passwords on multiple sites.
Enable Two-Factor Authentication (2FA): Activate 2FA on the breached account and consider enabling this additional security feature on all other important online accounts to significantly reduce the risk of unauthorized access.
For specific advice on CDEK's data breach, reach out to their support team by visiting the CDEK Express Support page and submitting your questions or issues through the provided form.
Where can I go to learn more?
If you want to find more information on the CDEK data breach, check out the following news articles:
Rapidly implement a modern Zero Trust network that is more secure and maintainable than VPNs.
What happened in the Cdek data breach?
Twingate Team
•
May 3, 2024
In March 2022, Russian courier service CDEK experienced a data breach allegedly carried out by a collective called IT Army. The breach involved a large amount of data, including email addresses, names, and phone numbers. However, the authenticity of the breach could not be independently verified and has been flagged as unverified.
How many accounts were compromised?
The breach impacted data related to approximately 19.2 million individuals.
What data was leaked?
The data exposed in the breach consisted of email addresses, names, and phone numbers of the affected individuals.
How was Cdek hacked?
In early 2022, the IT Army collective, aiming to completely de-anonymise most Russian users by leaking hundreds of gigabytes of databases, published over 30GB of data allegedly sourced from Russian courier service CDEK. The breach exposed over 19 million unique email addresses, names, and phone numbers.
Cdek's solution
In response to the data breach, CDEK took several measures to secure its platform and prevent future incidents. Although specific details are not available, it is likely that the company removed any malware and backdoors used by the attackers, enhanced security protocols, and collaborated with cybersecurity experts for a thorough investigation. Additionally, CDEK may have notified affected customers and encouraged them to take precautions, such as changing their passwords and being vigilant about sharing personal information.
How do I know if I was affected?
CDEK has not publicly disclosed whether they reached out to affected users. If you believe you may have been affected by the breach and haven't received a notification, you can visit Have I Been Pwned to check your credentials.
What should affected users do?
In general, affected users should:
Change Your Password: Immediately update your password for the breached account. Make sure the new password is strong and unique, not previously used on any other platform.
Reset Passwords for Other Accounts: If you've used the same or similar passwords for other online accounts, reset those as well. This is crucial as attackers often try using stolen passwords on multiple sites.
Enable Two-Factor Authentication (2FA): Activate 2FA on the breached account and consider enabling this additional security feature on all other important online accounts to significantly reduce the risk of unauthorized access.
For specific advice on CDEK's data breach, reach out to their support team by visiting the CDEK Express Support page and submitting your questions or issues through the provided form.
Where can I go to learn more?
If you want to find more information on the CDEK data breach, check out the following news articles:
Rapidly implement a modern Zero Trust network that is more secure and maintainable than VPNs.
What happened in the Cdek data breach?
Twingate Team
•
May 3, 2024
In March 2022, Russian courier service CDEK experienced a data breach allegedly carried out by a collective called IT Army. The breach involved a large amount of data, including email addresses, names, and phone numbers. However, the authenticity of the breach could not be independently verified and has been flagged as unverified.
How many accounts were compromised?
The breach impacted data related to approximately 19.2 million individuals.
What data was leaked?
The data exposed in the breach consisted of email addresses, names, and phone numbers of the affected individuals.
How was Cdek hacked?
In early 2022, the IT Army collective, aiming to completely de-anonymise most Russian users by leaking hundreds of gigabytes of databases, published over 30GB of data allegedly sourced from Russian courier service CDEK. The breach exposed over 19 million unique email addresses, names, and phone numbers.
Cdek's solution
In response to the data breach, CDEK took several measures to secure its platform and prevent future incidents. Although specific details are not available, it is likely that the company removed any malware and backdoors used by the attackers, enhanced security protocols, and collaborated with cybersecurity experts for a thorough investigation. Additionally, CDEK may have notified affected customers and encouraged them to take precautions, such as changing their passwords and being vigilant about sharing personal information.
How do I know if I was affected?
CDEK has not publicly disclosed whether they reached out to affected users. If you believe you may have been affected by the breach and haven't received a notification, you can visit Have I Been Pwned to check your credentials.
What should affected users do?
In general, affected users should:
Change Your Password: Immediately update your password for the breached account. Make sure the new password is strong and unique, not previously used on any other platform.
Reset Passwords for Other Accounts: If you've used the same or similar passwords for other online accounts, reset those as well. This is crucial as attackers often try using stolen passwords on multiple sites.
Enable Two-Factor Authentication (2FA): Activate 2FA on the breached account and consider enabling this additional security feature on all other important online accounts to significantly reduce the risk of unauthorized access.
For specific advice on CDEK's data breach, reach out to their support team by visiting the CDEK Express Support page and submitting your questions or issues through the provided form.
Where can I go to learn more?
If you want to find more information on the CDEK data breach, check out the following news articles:
Solutions
Solutions
The VPN replacement your workforce will love.
Solutions