Cyber Incident Victim: Forest

On or around April 1, 2022, the hacktivist group Anonymous publicly claimed responsibility for a cyberattack targeting Forest (Форест), a Russian logging and wood manufacturing firm. The group announced the leak of 37,500 internal corporate emails totaling 35.7 GB of data through the transparency collective DDoSecrets. The breach impacted Forest and its associated companies, though specific subsidiary names or operational divisions were not disclosed in the initial announcement. Anonymous framed the attack as part of #OpRussia, an ongoing campaign targeting Russian entities following the invasion of Ukraine. The leaked data was made accessible to the public, though the exact distribution channels beyond DDoSecrets were not detailed in available reporting. No technical specifics regarding attack vectors (e.g., phishing, vulnerability exploitation) or initial network access methods were provided in the source material.

The leaked emails represented internal corporate communications, potentially exposing operational details, business relationships, or sensitive correspondence. The data volume (35.7 GB) suggested extensive archival extraction, though the temporal scope of the exfiltrated emails was not specified. No immediate statements from Forest management or affiliated entities acknowledging the breach were documented in the source. Similarly, the article did not reference containment measures, forensic investigations, or remediation efforts undertaken by the company. The incident was framed by the attackers as part of broader geopolitical retaliation, aligning with Anonymous’ public support for Ukraine during the conflict. The long-term operational, financial, or reputational consequences for Forest remained unquantified in available reporting.