- Статьи
- Society
- Code breaks: over 85 million phone numbers have been leaked to the network since the beginning of the year
Code breaks: over 85 million phone numbers have been leaked to the network since the beginning of the year
In 2025, almost 37 thousand crimes were recorded under the article on unlawful access to computer information, the Interior Ministry told Izvestia. Hackers can be attackers, as well as employees of banks, departments and other organizations, experts say. In the first half of this year alone, 54 million email addresses and 85 million phone numbers became publicly available, according to cybersecurity companies. The punishment for illegal access to other people's information is described in the Izvestia article.
What is illegal access to data?
From January to June 2025, 36.7 thousand crimes were recorded that fall under the article of the Criminal Code on unlawful access to computer information. This was reported to Izvestia by the Interior Ministry.
We have already written that in the first six months of 2025, 601 cases of illegal processing of personal data were identified, and criminal cases were initiated against 313 of them. This is the first published statistics on the application of the new article of the Criminal Code, which became effective in December 2024.
Illegal access refers to "the commission of actions for selfish motives that caused the destruction, blocking or copying of information, as well as disruption of IT systems. The article about him (272 of the Criminal Code of the Russian Federation) protects the owner's right to inviolability, confidentiality and integrity of information," the experts explained.
One of the latest incidents related to unauthorized access to computer information was a hacker attack on Aeroflot's resources at the end of July 2025. At that time, large-scale disruptions in the flight management system were observed for about a day, dozens of flights were canceled. The criminal case was initiated under this article.
In June 2025, in Perm, police officers detained the director and an employee of one of the cellular communication salons. They were suspected of illegally issuing SIM cards using other people's personal data.
"The director suggested that the employee issue SIM cards without the participation of customers in order to fulfill the sales plan. To do this, they used personal data of third parties and made changes to the company's databases," the press service of the regional department of the Interior Ministry reported. The defendants in the case were given a preventive measure in the form of a written undertaking not to leave and proper behavior.
In Primorsky Krai, in February of this year, police officers detained a suspect in a series of frauds involving hacking into personal accounts of citizens on the Gosuslug portal, through which he then issued loans to microfinance organizations. The attacker has been arrested.
How data is stolen
Cyber threats remain one of the most pressing issues on the digital agenda, said Artyom Sheikin, First Deputy Chairman of the Federation Council Committee on Constitutional Legislation and State Construction. Despite the serious efforts of the government and business, attackers continue to come up with new ways to penetrate systems, using both technical vulnerabilities and the human factor.
"Attacks are becoming more difficult every year: previously, the main targets were the theft of personal data or funds from bank accounts, but today we are increasingly talking about blocking entire services, attacking infrastructure facilities, extortion, and attempts to destabilize government systems," he said.
There are only two main schemes used by hackers to gain unauthorized access to other people's data: external hacking or the use of internal threats, said Irina Kuznetsova, head of the audit and consulting company Justicom.
"DDoS attacks are among the external ones," she noted. — This ensures a high load on the servers. Large companies that contain data from millions of users suffer from DDoS attacks. Hackers also search for vulnerabilities in the software and crack it. Another source of threat from the outside is phishing sites that are used to steal accounts. But the most global threat, of course, comes from within the company, when there is no need to hack the external contour of the IT infrastructure.
More often, this is not the work of professional hackers, but of employees of organizations who provide classified information for remuneration, said Alexey Gorelkin, CEO of Phishman.
— Such constant leaks include the so—called mobile breakdown, when telecom operators' employees "drain" subscriber data for money — this may be a passport scan, or it may be the subscriber's billing in recent months, - he said. — In addition, this is a fairly common phenomenon in various departments. If you are faced with the death of loved ones, then after reporting a tragic event, unknown people may come to your address, knowing your full name, phone number and other information related to personal data, who introduce themselves, for example, as funeral agents.
In 2025, criminals are actively using, for example, phishing mailings — fake letters on behalf of Gosuslugi, banks or marketplaces with a request to "check the security settings," said Alexander Kiselyov, a trial lawyer and managing partner of the PROV law firm. Even typos in domains, according to him, help to bypass spam filters.
"Social engineering is also actively used," the expert reminded.
For example, these are calls from "employees" of clinics, schools or law enforcement officers. Under the pretext of completing medical examinations or "correcting errors," victims send SMS codes to access their accounts. Another option is hacking through a screen demonstration — fraudsters convince you to turn on the broadcast in order to spy on passwords and bank card data.
So, in the first half of 2025, Solar AURA experts recorded 289 million leaked data lines. Among them are 54 million email addresses and 85 million phone numbers. At the same time, the volume of stolen data increased almost 200 times compared to the first half of 2024, from 3.5 terabytes to 687. There are also two to five cases of reports of leaks on the Runet every day.
What is the threat of illegal access to information?
In case of unauthorized access to computer information, as a result of which the data was destroyed, blocked, modified or copied without profit, a fine of up to 200 thousand rubles and a maximum of two years' imprisonment is threatened, Irina Kuznetsova recalled.
"If the same actions caused material damage and were motivated by selfish goals, the lightest punishment for the perpetrator will be a fine of 100-300 thousand rubles or imprisonment for up to four years," the expert added. — If a group of persons is involved in a crime or a person who has abused his official position, the fine increases to 500 thousand rubles, and the term is up to five years.
In addition, if the amount of damage exceeds 1 million rubles, the convicted person will be imprisoned for up to seven years.
The increase in the number of such crimes indicates not only a surge in the activity of intruders, but also a more effective detection of such cases, said Konstantin Larin, head of the Bastion cyber intelligence Department. However, the focus should be on proactive measures: strict access control, regular audits, activity monitoring, and employee training.
"Identifying cases of data compromise simplifies employee profiling — it helps to detect anomalies and deviations in their habitual behavior, such as starting a work device at an unusual time," the expert said.
According to him, forensics, that is, digital forensics, plays an important role: the study of access logs and metadata to identify the source of the leak. Law enforcement agencies also receive information about incidents directly from companies, citizens themselves, or from anonymous networks.
According to Artem Sheikin, cybercrime is developing as rapidly as technology.
"The main thing is to understand that this is not only about protecting personal data or accounts, but also about national security," he stressed. — Trust in digital services, the stability of the economy and the protection of the interests of citizens directly depend on how effectively we learn how to counter cyber threats.
To combat cybercrime, the Ministry of Internal Affairs has implemented the Remote Fraud program, which analyzes a series of attacks and identifies the connection between cases, Alexander Kiselyov recalled. Artificial intelligence processes data in real time, and the number of IT crime units has exceeded 5,000 employees. In addition, since 2023, a single platform for recording cyber incidents has been operating, combining data from the Ministry of Internal Affairs, Roskomnadzor and banks.
The growth of cybercrimes requires not only increased control by law enforcement agencies, but also increased digital literacy of citizens, experts say.
Переведено сервисом «Яндекс Переводчик»
