Hackers obtained more than 900,000 emails from the All-Russia State Television and Radio Broadcasting Company (VGTRK), the largest state-owned media corporation in the nation.
The emails, which appear to encompass over 20 years worth of communications, were provided to the journalism collective Distributed Denial of Secrets (DDoSecrets) by the hacking group known as Network Battalion 65′ (NB65).
Founded in 1990, VGTRK, also referred to as Russian Television and Radio (RTR), currently oversees five national TV channels, five radio stations, two international networks, and more than 80 regional TV and radio networks.
Prominent media groups under VGTRK include Rossiya Segodnya, which operates the news agency Sputnik. VGTRK also boasts that the audience for its popular “Rossiya 1” TV program comprises 98.5% of Russia’s population, while its international version reaches viewers across the U.S., Europe, the Middle East, North Africa, and China.
DDoSecrets has made the 786.2 GB email cache available to the public as a torrent file. NB65 cited the war in Ukraine as the primary motivating factor behind the breach, telling the Daily Dot that it will continue damaging “companies connected to the government” until Russia stands down.
“The longer Russian aggression lasts the longer we will continue to attack companies and internet-facing technology throughout the country,” the group said.
Analysis by the Daily Dot indicates that the hacked data, which come from around 250 inboxes, date as far back as the year 2000 and as recent as March of this year. Emails discuss everything from daily operations to issues related to international sanctions against Russia.
VGTRK has been repeatedly accused of being nothing more than a propaganda arm for the Kremlin. The Russian government has even declared VGTRK as essential for the “security of the state.”
The breach is just the latest in an ever-growing wave of hacktivism targeted at Russia over its attack on Ukraine. As a result, DDoSecrets has been handed a significant number of data dumps from an assortment of Russian entities.
Just last week the journalism collective published 5,500 emails from Thozis Corp., a Russian investment firm owned by billionaire Zakhar Smushkin, that it obtained from hackers operating under the banner of Anonymous. An additional 140,000 emails from MashOil, a company which manufactures equipment for the drilling, mining, and fracking industries, were also given to DDoSecrets by Anonymous.
Other leaks given to DDoSecrets in March alone include 2.4 GB of emails from the Russian construction company RostProekt, 22.5 GB of files from the Central Bank of Russia, 15.3 GB of files from the Rosatom State Nuclear Energy Corporation, 79 gigabytes of emails from the R&D department of Russia’s state-controlled pipeline company Transneft, and 817.5 GB of files from Roskomnadzor, the Russian agency tasked with monitoring, controlling, and censoring Russian media.
DDoSecrets co-founder Emma Best told the Daily Dot that the surge in hacktivism in response to the invasion of Ukraine is providing an unprecedented look inside Russia.
“Frankly, we’ve never seen this much data out of Russia before,” Best said. “The post-invasion Russian leaks easily outweigh all the pre-invasion Russian leaks.”
The cyberattacks have become so constant that Russia’s foreign ministry pledged last week that it would uncover and apply “grave consequences” to anyone engaged in “cyber aggression.”
Yet given the sheer size of the VGTRK hack, as well as other recent leaks, it will likely take researchers years to comb through it all. The Daily Dot reached out to VGTRK to inquire about the breach of its systems but did not receive a reply.
Anton Shirikov, a Ph.D. candidate in political science at the University of Wisconsin at Madison who has spent years studying Russian media, argues that the current hacktivism wave could give scholars of propaganda a greater insight into the inner-workings of state-run media.
“Overall, if we think about these hacks, there is potential to uncover something that would be of importance to Western intelligence or to people in the government who work on sanctions,” Shirikov told the Daily Dot. “Maybe Ukrainians could also use some of that in their information warfare. I don’t think there is much potential to influence what’s going on in Russia directly through such hacks because Russian media are very censored right now, and there’s little chance that something like that goes through.”
The international hacktivism campaign aimed against Russia is unlikely to slow anytime soon. NB65 as well as numerous other hacking groups have suggested that much more data is on the way.
*First Published: Apr 4, 2022, 7:00 am CDT
Mikael Thalen is a tech and security reporter based in Seattle, covering social media, data breaches, hackers, and more.