Security risks from leaked transport data and the fight against data breaches

A police employee in the Kamyzyaksky district of the Astrakhan region in Russia used the FIS GIBDD-M assistance system, a resource restricted to official use, and shared the data with a friend at that person’s request. This act violated an individual’s right to privacy and security of personal information.

The Investigative Committee is pursuing a criminal case against a suspect charged with abuse of official powers under Part One of Article 286 of the Russian Federation Criminal Code.

Today, vast quantities of private data are traded on the black market. Cybercriminals can access data about driver licenses, vehicle registration histories, fines, and ownership details, among other sensitive records, with attackers often prepared to disclose such information for a fee.

One of the most in-demand services on illicit trading platforms is the unauthorized access to traffic police databases. Beyond darknet brokers, several telegram bots and a group of unscrupulous operatives, sometimes called gray detectives, facilitate these breaches, according to Maxim Shelkov, founder of the DLBI data leak intelligence and darknet monitoring service.

Prices for leaking driver information vary. Finding the owner of a car, checking a newly issued license, reviewing vehicle registration history, and confirming fines can cost between 800 and 1500 rubles per request. Access through the Rubezh system, which records the borders of the Russian Federation for vehicles, can run at least 3000 rubles per inquiry, Shelkov notes.

The primary sources of such data breaches are careless insurance company staff who hold policy information for OSAGO and Casco, along with inspectors who have access to the GIBDD-M system, according to Shelkov in an interview with the news outlet. He observes that the number of fraud cases involving driver data has not dropped in recent years.

Personal data bundles, including copies of passports, driver licenses, and SNILS numbers, are openly sold on the Darknet and various websites. These kits carry a relatively low price given the potential harm an unauthorized user could cause, explains Shelkov.

How victims may be harmed

There are numerous motivations behind a data breach. Some are used to verify a potential driver during job applications, while others aim to trace the backstory of a vehicle purchased on the secondary market, or to prepare for theft and insurance fraud. Some buyers want to identify and deal with a difficult driver, and professional investigators and journalists also use such tools to locate subjects of interest.

Experts say that among the least harmful outcomes is that some companies may simply pitch related services to drivers as a response to leaked data. For instance, car service providers might push maintenance offers as contracts near expiration, and insurers may seek to re-engage clients with new products, potentially freezing accounts otherwise tied to the policyholder.

In other scenarios, attackers may attempt to secure loans or microloans with the leaked information, or fraudulently obtain a vehicle or insurance product. A severe outcome is the creation of forged vehicle twins using leaked data from the GIBDD-M system, enabling criminals to clone a real car by pulling together owner credentials, vehicle data, and contact information. Shelkov emphasizes that such “paired” records are built from the leakage of personal data and can be used to mislead authorities and financial institutions alike.

When owners’ information leaks, criminals gain insight into assets that could be targeted for theft or more complex crimes, increasing the risk of criminal activity against the victim.

Rising risk of theft

With spare parts prices climbing, the temptation to steal vehicles for resale or to dismantle components is growing. Analysts also note that leaked data can refresh existing databases and enable attackers to mount social engineering campaigns with greater effectiveness, including phishing campaigns that lure people with OSAGO offers.

Criminals who access traffic police records can arrange insurances and orchestrate cascading accidents using the same vehicle. Every forged waiver or inflated OSAGO coefficient is often linked to the real owner’s records, making it harder for the victim to prove innocence, according to experts in the Autocriminalism center.

Forensic analyst Maksim Shelkov warns that criminals may steal a car, alter its license plates, and sell it to pawnshops, leaving the legitimate owner to bear the consequences of the loss.

What to do when data appears online

If a driver learns that his personal data has appeared online, he may pursue compensation and responsibility through the courts against those who leaked the information. A lawyer suggested submitting a complaint to the prosecutor to address unlawful data transfers and to demand withdrawal of the data from circulation.

SearchInform analysts advise evaluating any photo that features a car or personal documents to determine whether it could be exploited by criminals, even if such material appears inadvertently. It is impossible to guarantee complete protection against disclosures orchestrated by state bodies, according to experts, but the public can influence how data is stored and monitored by contacting relevant authorities when leaks occur.

Requests for information about how internal affairs protect personal data or combat leaks were not answered immediately by the Russian Ministry of Internal Affairs. Analysts stress that, ultimately, vigilance by citizens and proactive reporting to the appropriate oversight bodies are the most practical steps available when breaches occur.