Leonardo.ru

In early 2020 the Russian hobby and craft hypermarket chain Leonardo suffered a significant data breach affecting approximately 315000 customers. The incident involved the unauthorized access and publication of a user database containing personal identification details. The leaked information included full names, mobile phone numbers, email addresses, physical addresses, and dates of birth. Additionally, the breach exposed account passwords stored as MD5 hashes with salt, which poses a risk of decryption through brute force or rainbow table attacks. The compromise likely occurred due to vulnerabilities in the web application or backend database infrastructure.