Hackers breached the Russian National Payment Card System (NSPK) website and claimed to have also gained access to the Mir payment systems, an alternative to Visa and Mastercard.
It's not unusual to see the banking systems under attack from hackers, but this incident goes to show the importance of the security of any service exposed to the internet. While the Russian side has minimized the effects of the attack, the attackers say they managed to compromise more than just a website.
According to a report by TheRecord, the Ukrainian Cyber Alliance and DumpForums claimed they compromised the NSPK website. While this might not seem like much, the same hackers are said to have compromised the "Mir" payment system. This payment system, developed by Russia after the Crimean invasion in 2014, was designed to bypass established systems such as Visa and Mastercard. In theory, it should make it more difficult to get sanctioned.
"We decided to make it more efficient by leaving a message for the administrators on the main website of the national payment card system," wrote the hackers in a Telegram post. "We managed to hack not only NSPK; we extracted a lot of interesting information from the 'Mir' payment system servers, had a great time in their internal network, and are now ready to announce the hacking of the largest payment operator."
This is where things get interesting. On the one hand, Russian authorities say that, while the NSPK domain was compromised, the system itself has nothing to do with Mir.
"The NSPK website is developed and maintained by a third-party contractor," said NSPK representatives in a press release. "It serves as a company's information page and does not contain any confidential data, nor is it related to the payment infrastructure."
"It is impossible to gain access to any of the company's systems through the website. The company's servers and data centers do not have internet access. The processing of all payments made with bank cards and transactions through the Russian payment system is carried out by NSPK in a regular mode," they added.
In response to these claims, DumpForums released a screenshot showing off a 30GB archive, supposedly containing information from their breach of Mir. It remains to be seen if hackers actually breached Mir.