Massive VKontakte user data leak exposes millions' information

One of the hackers revealed data from 390 million users of the VKontakte (VK) service. It is unclear how this data was obtained, but the person behind the incident is known.

Hackread's analysis revealed that data from over 390 million VKontakte users had been leaked online. VKontakte is a service similar to Facebook popular in Russia and other Eastern countries. It was created by Pavel Durov, who is also known for creating the Telegram application.

Hackread reports that there is no full clarity on how the hacker obtained the data. It may be the result of an external company breach. However, experts now claim that social media scraping may have obtained the data.

The hacker responsible for sharing the data is Hikki-Chan. They published data from over 390 million users on the Breach Forums platform. The data package they collected is substantial, with over 29 GB.

The stolen data does not include phone numbers or passwords. However, it does contain information such as city, country, full names, profile picture links, and email addresses. Although the amount of data obtained is significant, it is in Russian, which may make it difficult for other cybercriminals to use.

Hackread’s authors contacted the hacker, who stated that the data did not come from scraping or theft directly from VK. It was a "second-degree" incident, meaning that the data was obtained using another breach that revealed VK data.

Although the hacker responsible for the attack has several successful large-scale incidents in their portfolio, it is unclear whether they are telling the truth. VKontakte denies the account of events presented by the cybercriminal.

VK representatives responded to Hackread. In their statement, they said that no security breaches had occurred. All the data made public by the cybercriminal was available in publicly visible VK profiles.

Scraping is a technique for automatically collecting data from websites. This solution is not only associated with cybercrime. It can also be used for analytical purposes, such as monitoring prices on certain websites, studying the competition, or checking user reviews. Unfortunately, this method can also collect a lot of data that we share online. For this reason, it is worth considering how much we want to make public.