Self-declaring "war on Russia's cyberspace", hacktivist group GhostShell have released what appears to be millions of accounts belong to various Russian government agencies.
In a number of files dumped on Github, in what the group call #ProjectBlackStar, the hackers claim to have taken 2.5 million accounts and records from governmental departments, as well as educational, academical, political, law enforcement, telecom, research institutes, medical facilities records and data from large corporations.
In a Pastebin message which links to the file dumps, GhostShell says:
"For far too long Russia has been a state of tyranny and regret. The average citizen is forced to live an isolated life from the rest of the world imposed by it's politicians and leaders. A way of thinking outdated for well over 100 years now. The still present communism feeling has fused with today's capitalism and bred together a level of corruption and lack of decency of which we've never seen before.
Even though the country is going through hard times and many people are starving, the Russian Government has enough resources to spend on its spies. [Linking to Business Insider]
There have been many arrests this year (just like in any other year). If they think that espionage is fun while the people are barely holding on for their lives, then we're going to play a little game as well."
The group's leader, DeadMellox, concluded by stating that "GhostShell currently has access to more Russian files than the FSB and we are very much eager to prove it."
The Federal Security Service (FSB), a Russian intelligence service, was once known as the KGB following a reformation.
The file dump includes a number of released names, passwords and email addresses that end in corp-gov.ru, and so appear to be from the Russian government -- the common 'qwerty' password aside, it is unclear how many of these are viable, active addresses. However, 37 of the file dumps are apparently from the Russian government directly, and many contain lists with hundreds of email address leaks.
One research center, Jinr, appears to have been impacted through the campaign -- the leak containing names, home addresses, job titles, email addresses and the phone numbers of people attending meetings in 2011 at the institute.
Once translated, a number of the database dumps include names, records and mailing lists from the medical, business and renewable energy sectors. There also appears to be a number of records taken from the financial sector, which hosts non-personal banking data.
GhostShell has a number of 'projects' on-the-go, most recently breaching 100 top global university databases and leaking 120,000 records, making over 36,000 email addresses, staff names, sensitive personal information and a single bank account number public.