OneClickMoney.ru

In February 2024 a significant data breach occurred involving the Russian microfinance institution OneClickMoney. An unauthorized actor allegedly gained access to a SQL database containing nearly 10 million user records. The compromised data includes sensitive personal information such as full names, dates of birth, passport details, employment history, and multiple contact phone numbers for both clients and their designated contact persons. This incident highlights vulnerabilities in financial data storage and the high value of MFI databases to cybercriminals for identity theft and social engineering attacks.