A pseudonymous hacker going by the name Kapustkiy has reportedly claimed to have hacked and stolen passport details of thousands from the website of a Russian consular department. The hacker said he plans on dumping the stolen data online, according to a report.
The data is believed to have been hacked from the website of the Consular Department of the Embassy of the Russian Federation in the Netherlands. The hacker claimed that he managed to obtain around 30,000 records, of which, he intends to publicly leak, a thousand online.
"I hacked them to let them understand a databreach," Kapustkiy told Motherboard. "I will dump a little bit online tomorrow."
The targeted website, Ambru.nl, provides information about visas and is aimed at offering information to Russian citizens residing in the Netherlands. The consular department is yet to comment on the matter.
In November, Kapustkiy, alongside another hacker going by the pseudonym Kasimierz L, claimed responsibility for hacking the official websites of Indian embassies, including those in South Africa, Italy, Libya, Switzerland, Malawi, Mali and Romania. The duo leaked information of over 500 citizens residing in those countries, which included personal information such as names, home addresses, email, passport numbers and phone numbers.
According to Motherboard's report, the stolen records include information such as passport numbers, emails, phone numbers and IP addresses. A sample of the stolen data provided to Motherboard, containing 6,000 records revealed that the data may be legitimate. Three individuals confirmed they had used the website, two of whose passport and phone numbers appear to be a part of the stolen data. However, both passports were reportedly outdated.
The hacker also claimed to have carried out attacks in collaboration with a hacker group called New World Hackers. According to a report by ZDNet, the New World Hackers is a three-member group made up college-going teenagers. Kapustkiy says he is 17 years old.
It is still unclear as to how the attack was perpetrated. The hacker's motive in targeting passport records of Russian is also unknown.
Following the publication of this article, Kapustkiy reached out to IBTimes UK with further clarification regarding the attack. The hacker claimed that of the "30,000 entries of users" he managed to obtain 6,000, of which he has so far leaked "only 129".
The hacker added, "I don't want to make any damage. The main point was that they would fix their security and care about it." Kapustkiy also claimed that he got in touch with the Dutch CERT and the National Cyber Security Centrum about their security, who in turn responded with an email that said they are investigating the matter.
When asked if he was planning any future attacks, Kapustkiy said, "I really don't know."