Beeline employee data leaked: Customer data not compromised

December 2, 2022  14:14

Data about the employees of the Russian telecommunications operator Beeline was leaked. The experts of DLBI leak search and darknet monitoring service warned about it, and later the telecom operator itself confirmed this information, noting that the leak affected only the company employees' data, and client data was not compromised. The company is investigating the incident.

The hacker who uploaded the files claims that he gained access to the communications operator's directory service (LDAP - Lightweight Directory Access Protocol) and downloaded data of internal users from there. As evidence the hacker provided four LDIF-files (a format for presenting directory service records in text form), containing the uploads, divided into 4 regions: Moscow, South, Urals and Central.

Among the leaked files is a database with a list of employees, which also includes lines with information:

  • user login in domain (198,050 unique logins);
  • e-mail address on the domain (67,480 unique addresses);
  • employee's cell phone (89,519 unique numbers);
  • home phone number of an employee (10 969 unique numbers);
  • name/surname (in Base64 encoding);
  • information about the subdivision where the employee works;
  • other official information.

According to specialists, the leaked data may be used to prepare for a larger social engineering attack against the company with the subsequent development of other hacker attack vectors, as well as for targeted phishing mailings.

Recent reports claimed that hackers had broken into social network Yappy and stolen data of 2 million users. However, the social network refuted this information.

Large-scale leakage occurred from Microsoft servers as well: tens of thousands of companies and their employees all over the world suffered as a result of data leak from one of the company's servers.

Hackers also recently stole data from over 5.4 million Twitter accounts and posted it on a hacker forum for the public to access. The data had previously been sold for $30,000.


  • Archive