RZD

In November 2020 a significant data breach impacted the Russian Railways RZD Bonus loyalty program. The incident resulted in the exposure of 1.36 million user records. The leaked database contained sensitive information including user email addresses and passwords stored as MD5 hashes with salt. Additionally the breach included technical data such as train schedules and station sequences. This event followed a previous security incident involving the same organization in 2019 highlighting persistent security challenges within the infrastructure of the state transport operator.