Personal data of Kazakhstani citizens was made publicly accessible after the hacking of a Russian airline booking system.
According to the Telegram channel "Access to the Sea", data on domestic flights of Kazakhstani citizens from 2007 to 2023 leaked online, containing information on nearly 700,000 flights on aircraft operated by airlines Air Astana, Scat, Qazaq Air and Bek Air within the country. The database also includes information on international flights of Kazakhstani citizens on board Russian airlines. The leaked files contain passenger data, their document numbers, phone numbers and email addresses.
For example, following the leak it emerged that in June last year, several members of the Majilis: Albert Rau, Aidos Sarym, Murat Abenov and Zhiguli Dairabaev, were travelling on the same Qazaq Air flight from Astana to Turkestan.
"On the same flight were the chairpersons of the board of the state television company 'Kazakhstan', Lyazzat Tanysbay, Kazakh-speaking blogger Alexey Lodochnikov, Senator Bibigul Zhexenbay, and about two dozen other people. This coincided with the opening of the National Kurultai in Turkestan on that very day," the statement read.
It has become known that this information appeared online following last year's leak from the Russian systems "Leonardo" and "Sirena-Travel". They were hacked by hackers from the Ukrainian group KibOrg. As a result, they gained access to information on 664 million flights.
"Almost immediately they stated they would not post the entire database online. Judging by the number of available rows, currently less than 10% of the total leaked volume is accessible. Until recently, it was believed the database only contained information on Russians, but, as we have managed to ascertain, this is not the case. In addition to data on Kazakhstani citizens, one can find information on citizens of Kyrgyzstan, Uzbekistan, Belarus, and other post-Soviet countries," the statement said.
It is noted that "Sirena" was a Soviet development for transmitting and processing airline reservation data. In Russia, its successor became the "Sirena-Travel" system.
"This same system, as confirmed by the leaked data, was also used in Kazakhstan at least until 2023 (and is most likely still in use), with information on Kazakhstani passengers being transmitted to a central data processing centre in the Russian Federation. Before the annexation of Crimea and the invasion of Ukraine, Russians also used foreign equivalents of 'Sirena', but after the imposed sanctions decided to switch entirely to their own developments. In 2022, 'Sirena-Travel' launched another airline data processing system, Leonardo. A year later, it too was hacked," the statement said.
A criminal case is currently under investigation in Russia in connection with the hacking of the "Sirena-Travel" and Leonardo systems. Named as suspects are the deputy general directors of "Sirena-Travel", Igor Roitman and Alexander Kalchuk.
They are accused of "violating the rules for the operation, storage, processing, and transmission of protected computer information contained within the critical information infrastructure of the Russian Federation".
For context, in November, the Ministry of Internal Affairs established a new specialised Department for Combating Cybercrime. It was reported that the department would focus on identifying and exposing cyber threats, as well as developing strategic steps to combat them.