Cyber Incident Victim: Russian Federal Service for Supervision of Communications, Information Technology and Mass Media

On March 5, 2022, the hacktivist collective Anonymous announced it had successfully breached the Russian Federal Service for Supervision of Communications, Information Technology and Mass Media (Roskomnadzor), the government agency responsible for media censorship and disinformation control. The attackers exfiltrated and publicly released 820 GB of sensitive data from the agency’s systems. The leaked data comprised two primary categories: one containing over 360,000 files dated up to March 5, totaling 536.9 GB, and another containing 290.6 GB of human resources databases detailing internal procedures. Anonymous asserted the stolen material exposed Roskomnadzor’s role in orchestrating disinformation campaigns regarding Russia’s invasion of Ukraine. Concurrently, Ghostsec, a group affiliated with Anonymous, claimed a separate intrusion against the Department of Information Projects (omk.ru), though specific details of this breach were not disclosed.

The incident occurred amid heightened tensions over Russia’s censorship of social media platforms like Twitter and Facebook, which authorities blocked to restrict dissemination of content depicting military actions in Ukraine. Anonymous framed the attack as retaliation against state-sponsored disinformation operations. Pro-Russia hacktivists subsequently asserted they had disrupted an alleged Anonymous website, though this claim was contradicted by reports that the collective maintains no centralized online presence. Verification of the leaked Roskomnadzor data’s authenticity faced challenges due to documents being in Russian and the volume of similar unverified claims circulating online. The breach represented one of the largest known data exposures of a Russian state entity during the early phase of the Ukraine conflict, highlighting cyber operations as a tool for disrupting government narratives.