Menu
Browse

Cyber Threat Actor: Roomsurf hacker

Aliases: 2 aliases
Actor Type Location Known Incidents
 Icon
Hacker
Russia
1 incident
Profile

The threat actor known by the aliases rmsrf and Roomsurf hacker has been publicly associated with a single reported cyber incident. Open‑source references indicate that the actor may be based in Russia, although no further geographic or organizational details have been confirmed in the available material. The alias rmsrf appears in connection with the handling of the breach, while the moniker Roomsurf hacker directly references the service that was compromised.

On January 29 2018, a commercial roommate‑matching platform used by college students experienced an unauthorized intrusion. The breach exposed personal information that users had submitted when creating profiles, including names, email addresses, phone numbers and other demographic details. The compromised data consisted of the information entered during the registration process for the service, and the incident raised concerns about the security of personal data stored by such matching platforms. No public description of the attack vector, malware used, or specific tools employed by the actor has been disclosed in the sources provided.

Additional information about the incident surfaced in a DataBreaches.Net article published on February 16 2018, titled “New details emerge on Roomsurf hack.” The article noted that further specifics about the breach had become available after the initial report, although the excerpt supplied does not elaborate on the nature of those details. The piece confirmed that the breach had been previously covered by the same outlet and that the updated reporting aimed to clarify the scope of the exposed data. No other campaigns, tools, or affiliations have been attributed to the rmsrf/Roomsurf hacker alias in the publicly accessible references consulted.

Based solely on the evidence presented, the actor’s known activity is limited to the January 2018 data breach of the Roomsurf service, with the associated aliases and possible Russian location being the only confirmed attributes. No further targeting patterns, strategic objectives, or operational histories can be derived from the supplied sources without resorting to speculation.

Incidents
Attributed incidents available to members
1 incident
Sources
Sources available to members
1 source