Cyber Incident Victim: Boris Dobrodeev
Date:
May 2016
Location:
Russia
Summary
A hacktivist group leaked the personal email inbox of the head of a major Russian social network, exposing sensitive internal communications. The compromised data included discussions about budget negotiations, business meeting agendas, partnerships with a messaging app founded by the platform's former co-founder, financial arrangements involving offshore entities, and advertising affiliate commissions. The leak occurred amid prior controversy surrounding the co-founder's departure, which involved allegations of pressure to disclose user data linked to Ukrainian protest groups. While the authenticity of the leaked materials remains unverified, the incident revealed potential insights into the company's strategic operations and historical management tensions.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
On or around May 6, 2016, hacktivists identifying as "Anons" (commonly associated with Anonymous) publicly leaked the contents of a personal email account purportedly belonging to Boris Dobrodeev, then-CEO of VK (VKontakte), Russia’s largest social network. The leaked inbox contained emails from 2014, including correspondence detailing budget negotiations for VK, proposed agendas for business meetings, and discussions about the platform’s commercial relationship with Telegram, an encrypted messaging app founded by VK co-creator Pavel Durov. Additional leaked materials referenced financial arrangements involving offshore companies and VK shareholding entities Blesmir Developments and Palagon, as well as commissions for advertising affiliates. The attackers disseminated the data publicly online, though the authenticity of the leaked emails remained unverified at the time of reporting. No technical details regarding the intrusion method (e.g., phishing, credential theft, or exploitation) were disclosed in available sources.
The incident occurred against a backdrop of prior controversy involving VK’s leadership. Pavel Durov had exited the company two years earlier (circa 2014), alleging he was pressured by Russian authorities to disclose personal data of users affiliated with VK groups supporting Ukraine’s Euromaidan protests. Durov publicly asserted that VK’s management had subsequently come under the control of pro-Putin interests. While the 2016 email leak did not explicitly reference these geopolitical tensions, its focus on internal business dealings—particularly concerning Telegram, which Durov launched post-departure—highlighted ongoing operational and strategic discussions within VK’s leadership. No statements from Dobrodeev, VK, or law enforcement regarding containment efforts, forensic investigations, or impacts on users or systems were documented in the source material. The primary confirmed consequence was the unauthorized exposure of sensitive corporate discussions, with potential reputational and operational implications for VK and its executives.