Gosuslugi 2021

A significant data breach involving the Russian State Services portal Gosuslugi occurred in late 2021. The incident resulted in the exposure of personal information belonging to approximately 7 million citizens. The leaked dataset originated from a misconfigured database or a vulnerability in a regional system integrated with the main portal. Exposed records contain highly sensitive identification details including full names, mobile phone numbers, email addresses, residential addresses, and critical government identifiers such as SNILS and INN. This breach posed a severe risk of identity theft and targeted phishing attacks against the affected population.