
Nvidia falls victim to Lapsus$.

20 March 2022
BREACHAWARE HQ
GPU

A total of 13 breach events were found and analysed, resulting in 1,645,202 exposed accounts containing a total of 12 different types of personal data. The breaches found publicly and freely available included Foto Strana, Text.ru, Coaster Fuel, Russian Federal Property Management Agency and Samsung Electronics Company.

Categories of Personal Data Discovered

Contact Data, Socio-Demographic Data, Technical Data, Usage Data, Social Relationships Data, Special Category.

Data Breach Analysis

Among the compromised entities were Foto Strana, a Russian-language social platform, and Text.ru, a popular tool for writers and marketers that caters to a Russian-speaking user base. Both platforms highlight vulnerabilities in digital media and online content services, sectors that often collect user profiles, email addresses, and platform usage habits. These platforms, particularly when widely adopted, can serve as rich targets for attackers interested in social engineering or spamming.

More significantly, Coaster Fuel and Samsung Electronics Company were also among the exposed. Samsung, being one of the largest multinational electronics companies in the world, represents a noteworthy inclusion. Though the context of the exposed data is not always clear from publicly indexed breach samples, any exposure linked to a corporation of this scale could potentially affect not only internal stakeholders but also customers and supply chain partners, depending on the nature of the leaked records. Whether the breach was related to a regional office or a broader segment of its infrastructure, such events cast a spotlight on how difficult it is to defend global operations comprehensively.

The presence of the Russian Federal Property Management Agency (Rosimushchestvo) in the list of affected organisations introduces the public sector dimension. This agency is responsible for managing government-owned property assets within the Russian Federation, and any data linked to this institution potentially involves government employees, contractors, or the administrative records that support the agency’s operation. Breaches involving public entities often trigger broader concerns about state-level cybersecurity readiness and the potential for political or state-sponsored interest in the compromised information.

Industries implicated in these breach events are wide-ranging. From consumer electronics and digital content creation, to public administration and private networking forums, this collection demonstrates how breaches are not confined to obvious targets like financial institutions or retail platforms. Even smaller or niche digital services like Coaster Fuel (a possible gaming or enthusiast community) and others operating in Russian-speaking markets present potential value to attackers.

While we avoid speculation on the specific data types exposed, the volume and diversity of breaches in this analysis serve as a clear reminder of the importance of applying consistent security protocols across sectors and organisation sizes. Even medium-sized platforms or institutions with limited international recognition can find themselves exposed if proper protections aren't in place.

With over 1.6 million user records uncovered in just these 13 incidents, the cumulative impact on individuals includes increased vulnerability to phishing, impersonation, account takeover, and identity fraud. On the organisational side, reputation damage, regulatory scrutiny, and operational disruption can result, particularly when government-affiliated or internationally recognised names like Samsung are involved.

In conclusion, this breach set reinforces the global and cross-sectoral nature of cybersecurity risk. The inclusion of both public and private sector entities across Russia and internationally, from consumer tech giants to state institutions, makes this analysis particularly notable. Data security is not just a concern for large financial firms; it is an issue of systemic risk that touches everything from local user-generated content platforms to ministries of state.

Spotlight

We are discovering some interesting breaches during this tense period in the world.

An influx of Russian domains being breached and leaked online is no surprise to us. The cyber gang Lapsus$ took the internet by storm after their cyber attack on Samsung, which leaked 180 GB of data; the team are analysing the data at the moment. They plan to release the Vodafone code later on tonight (14th March).

America's biggest chip manufacturer, Nvidia, also fell victim to Lapsus$, with part of their business having to be taken offline. Sample code was dumped, but our research team believe the actual number of credentials reported in the media is exaggerated. That does not detract from the issue that Nvidia has compromised credentials now publicly available.

No surprise, we are seeing more .ru domains compromised, ranging from IT freelancing companies to food delivery services. Do you use this kind of service to buy food for employees? The breach exposed device information, mobile number and IP address along with the standard compromised data types.

Another interesting leak is from an ISP (Internet Service Provider) in Palestine. It is a small leak, but any leak from an ISP is something to be avoided. It was an SQL dump posted to an underground forum, discovered by one of our researchers. Finally, the trend of clothing retailers, gaming websites and marketing (lead generation) breaches continues.
