A major security incident in 2024 exposed more than 500 million records tied to Russians, a figure cited by authorities and media alike. According to Milos Wagner, the deputy chairman of Roskomnadzor, the total included 510 million records with about 500 considered part of a single leak. Wagner noted that the investigation is ongoing as authorities work to identify the origins and scope of the breach.
Officials also said the year saw a sharp rise in the number of data breach incidents, even as the overall volume of leaked data did not rise as dramatically as in previous years. Roskomnadzor documented 19 data leaks in the first two months of 2024. In 2023 the agency recorded 68 personal data leaks, with roughly 300 million records related to Russians reported as leaked that year. The year 2022 had a higher leak volume, with about 600 million records exposed across 140 separate leaks.
Prior to these events Roskomnadzor conducted a webinar focused on personal data protection, signaling ongoing attention to how personal information is handled and safeguarded in practical settings. The deputy chairman stressed new requirements governing the processing of citizens personal data, underscoring the evolving responsibilities faced by organizations that collect, store, and use such information.
Earlier reports highlighted concerns around data access when services are not properly regulated. Russian experts warned citizens about the risks associated with using illegal or poorly secured services, especially in relation to personal data recorded by automated systems and bots. The discussion emphasized the importance of verifying the legitimacy of data handling services and adopting safer, regulated tools for digital interactions.
In summary, 2024 marked a pivotal year for data privacy in Russia, with a dramatic breach event drawing attention to the scale of personal data exposure and prompting renewed emphasis on compliance, transparency, and user protections. The ongoing investigations and policy developments aim to improve resilience against future leaks while guiding organizations toward responsible data practices across the digital landscape.