Sberbank lost the address book of 421,000 employees of the bank and its subsidiaries
Unknown posted in the open access forum phreaker.pro database of employees of Sberbank. Fields in the database:
The leak is a text file about 47 megabytes in size, which contains more than 421 thousand records, according to Kommersant journalists who downloaded the database. They note that the number of entries in the database exceeds the number of official employees of the Savings Bank according to the IFRS at the end of the first half of 2018. Then it did not exceed 300 thousand people.
Kommersant assumes that the database may contain data on some (not all) laid-off employees, as well as employees of subsidiaries. In the database, you can break through the unit in which each of them is listed.
Surface authentication confirmed the authenticity of the database. In particular, there are three correct e-mail addresses of the president of the bank, German Gref. The authenticity of the database was confirmed by one of the employees of Sberbank and a representative of a third-party organization related to the information security of the bank.
')
The press service of Sberbank also reported that they know about the publication of the address book of employees. The published information "does not pose any threat to automated systems and customers," the bank assured. It is available to all Sberbank employees and “does not bear the threat of disclosing their personal data,” the bank’s press service stressed.
The problem has already been reported to German Gref, who expressed his dissatisfaction, a source told Kommersant in the bank.
In fairness, you need to agree that phreaker.pro publishes a lot of more sensitive personal information from other companies and government agencies. Confidential information is often free, as is the Sberbank address book.
- Full name
- Login in the internal system (match email addresses)
The leak is a text file about 47 megabytes in size, which contains more than 421 thousand records, according to Kommersant journalists who downloaded the database. They note that the number of entries in the database exceeds the number of official employees of the Savings Bank according to the IFRS at the end of the first half of 2018. Then it did not exceed 300 thousand people.
Kommersant assumes that the database may contain data on some (not all) laid-off employees, as well as employees of subsidiaries. In the database, you can break through the unit in which each of them is listed.
Surface authentication confirmed the authenticity of the database. In particular, there are three correct e-mail addresses of the president of the bank, German Gref. The authenticity of the database was confirmed by one of the employees of Sberbank and a representative of a third-party organization related to the information security of the bank.
')
The press service of Sberbank also reported that they know about the publication of the address book of employees. The published information "does not pose any threat to automated systems and customers," the bank assured. It is available to all Sberbank employees and “does not bear the threat of disclosing their personal data,” the bank’s press service stressed.
The problem has already been reported to German Gref, who expressed his dissatisfaction, a source told Kommersant in the bank.
In fairness, you need to agree that phreaker.pro publishes a lot of more sensitive personal information from other companies and government agencies. Confidential information is often free, as is the Sberbank address book.
Source: https://habr.com/ru/post/428071/
All Articles