Cyber Incident Victim: City of Blagoveshchensk
Date:
Apr 2022
Location:
Russia
Summary
Hackers affiliated with the Anonymous collective breached three Russian government entities, including the City of Blagoveshchensk's administration, exfiltrating over 700 GB of email data. The city administration suffered a leak of 150 GB comprising 230,000 emails, alongside significant breaches at Russia's Ministry of Culture and Tver region's Governor's office. This operation formed part of a coordinated hacktivist campaign targeting Russian state and commercial entities in retaliation for the invasion of Ukraine, with multiple groups like Ukraine's IT Army systematically compromising government communications and corporate email systems. The incident reflected escalating cyber retaliation efforts amid widespread international condemnation of Russia's military actions and alleged human rights violations.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
On or around April 12, 2022, hackers affiliated with the Anonymous collective breached three Russian government entities, including the City of Blagoveshchensk’s administration, as part of a retaliatory campaign following Russia’s invasion of Ukraine. The attack resulted in the exfiltration and public release of over 700 GB of email data across the targets. The City of Blagoveshchensk suffered a leak of 150 GB comprising 230,000 emails, while Russia’s Ministry of Culture lost 446 GB (230,000 emails) and the Tver region Governor’s office lost 116 GB (130,000 emails). The breach was publicly disclosed by the transparency group DDoSecrets, which distributed the datasets. The attackers employed a 'smash and grab' strategy typical of hacktivist operations, prioritizing rapid data extraction over prolonged network persistence. No technical details regarding intrusion vectors or defensive measures taken by the victims were disclosed in available reporting.
The incident occurred within a broader wave of cyber operations targeting Russian entities after February 24, 2022, with Anonymous, Ukraine’s IT Army, and Hacker Forces coordinating attacks against state and commercial organizations. The City of Blagoveshchensk’s leak represented one component of this campaign, alongside contemporaneous breaches exposing 437,500 emails from Russian firms Petrovsky Fort, Aerogas, and Forest. Impacts included operational disruption and reputational damage to the municipal government, though specific consequences beyond data exposure were not detailed. The Ministry of Culture’s breach carried heightened sensitivity due to its oversight of cultural heritage, censorship, and copyright policies. No containment efforts, forensic findings, or victim responses were documented. The operation aligned with geopolitical tensions surrounding Russia’s military actions in Ukraine, which had displaced over 10 million people and triggered allegations of human rights violations leading to Russia’s suspension from the UN Human Rights Council shortly before the breach.