Pro-Ukraine hackers, including DumpForums and the Ukrainian Cyber Alliance, have claimed responsibility for breaching Russia’s national card payment system and accessing user data. Their activities involved defacing the website of the National Payment Card System (NSPK) and allegedly gaining entry to the internal systems of the consumer payment network Mir, which operates as a domestic alternative to global card brands.
While NSPK confirmed the website breach, they denied any data leakage, asserting that the compromised website was not linked to their payment infrastructure. This cyberattack is part of an ongoing trend where Ukrainian hackers target Russian financial institutions to disrupt Russia’s economy amid geopolitical tensions.
NSPK explained that the website breach didn’t impact financial transactions or payments, although they did not comment on the hackers’ claim regarding Mir’s internal systems. DumpForums released a screenshot of a folder purported to contain 30 gigabytes of Mir data.
The Mir payment system, launched in 2014 as a response to potential payment disruptions due to sanctions on Russian banks, primarily operates within Russia, with only a few Russia-friendly nations accepting its payment cards. Following Russia’s full-scale invasion of Ukraine and the withdrawal of international payment services from Russia, Mir’s share of payments within the country has risen to nearly 50%.
Ukrainian hackers have been actively targeting Russian banks and financial institutions to hinder the Kremlin’s ability to fund its military efforts in Ukraine. Recent cyberattacks have included collaborations with Ukraine’s security services to breach major Russian banks like Alfa-Bank, MTS Bank, and Sberbank. These actions reflect a broader strategy of cyber activism in the context of ongoing geopolitical conflicts between Russia and Ukraine.
References:
