Experts from DLBI have warned that an SQL dump of the registered user table has been found on the network, likely taken from the SOGAZ insurance company’s sogaz[.]ru website. The researchers have determined that the dump was likely taken from the Bitrix CMS on October 21, 2022 and contains 8,309,754 lines, including login, full name, email address (7.86 million unique addresses), telephone (5.39 million unique numbers), date of birth, hashed (MD5 with salt) password, and place of work (not for everyone). It was also found that randomly checked email addresses from the dump were valid when tested through the password recovery form on the lk.sogaz.ru website. In January 2023, a fragment of a user table from a database was previously published in the public domain, likely taken from the SOGAZ-LIFE insurance company’s sogaz-life.ru website.
