Cyber Incident Victim: ALET
Date:
Apr 2022
Location:
Russia
Summary
Anonymous compromised ALET, a Russian customs broker specializing in fuel and energy exports, as part of their #OpRussia campaign following the invasion of Ukraine. The attackers exfiltrated and leaked approximately 1.1 million emails totaling 1.1 TB through DDoSecrets, exposing sensitive operational data related to customs declarations for oil, coal, and petroleum products handled for over 400 clients including major energy firms. This breach occurred alongside similar operations against other critical Russian entities, collectively releasing terabytes of data to undermine infrastructure supporting the nation's economy and energy sector.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 2 actors | Available to members | Available to members |
Description
On or around April 28, 2022, the hacktivist collective Anonymous, operating under its #OpRussia campaign, compromised ALET (АЛЕТ), a Russian customs brokerage firm specializing in fuel and energy sector exports. The attack was executed by Anonymous’s affiliate group Network Battalion 65, which had been actively targeting Russian entities following the invasion of Ukraine. ALET’s systems were breached, resulting in the exfiltration of approximately 1.1 million emails. The stolen data, totaling 1.1 terabytes, was subsequently published via the Distributed Denial of Secrets (DDoSecrets) platform as part of a coordinated leak alongside data from other Russian organizations. ALET’s primary business involved processing customs declarations for oil, coal, liquefied gases, and petroleum products, serving over 400 clients since 2011, including major entities like Gazprom, Gazprom Neft, and Bashneft. The leaked emails likely contained operational details, client communications, and documentation related to the 119,000+ customs declarations the firm had handled. This incident occurred within a broader wave of cyber operations by Anonymous, which claimed to have released over 6 terabytes of Russian data through DDoSecrets at the time, including breaches of Elektrocentromontazh (a critical power infrastructure contractor) and PSCB Commercial Bank.
The compromise of ALET’s email repositories exposed sensitive trade and logistical information tied to Russia’s energy export ecosystem, a sector strategically significant due to international sanctions imposed after the Ukraine invasion. As a customs intermediary handling 75% of its business in oil products and 9% in hydrocarbon goods, ALET’s data leak risked revealing supply chain partners, transaction records, and compliance documentation for entities moving Russian energy commodities. The breach directly impacted ALET’s operational confidentiality and potentially compromised its client organizations’ commercial activities. No specific mitigation actions or responses from ALET were detailed in the available source material. The data dissemination via DDoSecrets amplified the incident’s reach, enabling unrestricted access to the leaked corpus for researchers, journalists, and other actors. This attack formed part of Anonymous’s sustained pressure campaign against Russian economic interests, leveraging network intrusions and public data leaks to disrupt and expose targets aligned with the state’s strategic industries.