Cyber Incident Victim: Russian Orthodox Church

On or around April 1, 2022, the hacktivist collective Anonymous claimed responsibility for a cyberattack targeting the charitable wing of the Russian Orthodox Church. The group exfiltrated approximately 15 gigabytes of data, including 57,000 emails, from the organization’s systems. Anonymous publicly announced the breach and disseminated the stolen data through the transparency platform Distributed Denial of Secrets (DDoSecrets). However, the collective restricted immediate public access to the leaked materials, stating the information would initially be available only to journalists and researchers due to its sensitive nature. This incident occurred amid a broader Anonymous campaign against Russian entities following the 2022 invasion of Ukraine, with simultaneous attacks reported against private firms Thozis Corp and Marathon Group, both linked to Russian oligarchs. No technical details regarding the intrusion methods, compromised systems, or initial detection mechanisms were disclosed in available reporting.

The data breach represented a significant compromise of internal communications and operational records from a major religious institution aligned with the Russian state. While the full content of the leaked emails and documents remained unverified in public reporting, the 15 GB data volume and email count indicated extensive access to organizational infrastructure. Anonymous did not specify whether the data contained evidence of specific activities by the charitable wing, though the selective distribution approach suggested potential sensitivities. The Russian Orthodox Church did not issue a public acknowledgment or response to the incident at the time of reporting, and no containment measures, forensic investigations, or recovery actions were documented. The attack highlighted the expansion of hacktivist operations beyond government and corporate targets to include cultural and religious entities during periods of geopolitical conflict.