CDEK
High Impact•
19,218,203 records affected
•
HaveIBeenPwned
Description
In early 2022, a collective known as IT Army whose stated goal is to "completely de-anonymise most Russian users by leaking hundreds of gigabytes of databases" published over 30GB of data allegedly sourced from Russian courier service CDEK. The data contained over 19M unique email addresses along with names and phone numbers. The authenticity of the breach could not be independently established and has been flagged as "unverified".
What to do if you're affected
- 1.Change your password immediately if you have an account with this service
- 2.Enable two-factor authentication (2FA) wherever possible
- 3.Check if your email appears in the breach using Have I Been Pwned
- 4.Monitor your accounts for suspicious activity
- 5.Consider using a password manager to generate unique passwords