Russia’s largest social media and network service VK (VKontakte) has reportedly experienced a major data breach that impacted more than half of its users. According to a threat actor using the alias "Hikki-Chan" on the illegal marketplace BreachForums, VK suffered a significant data breach in September 2024. VK boasts 1.1 billion monthly visitors, making it the 23rd most visited website globally, according to Similarweb. Its audience is predominantly Russian, with 89% of its traffic originating from Russia. The threat actor claimed that this breach exposed the personal information of hundreds of millions of users, including basic identity and location details.

The types of compromised data reportedly include user ID numbers, first and last names, gender, profile pictures, country, and city. The uploaded 7z archive contains 390.4 million records, and when uncompressed, it occupies 27.6 GB of storage space. The threat actor told Hackread.com that VK itself was not directly breached; instead, the data was obtained through a third-party breach that exposed VK’s data.

In 2022, VK suffered a data leak containing more than 126 GB of data, including 32 million records with links to photos, full names, and other scraped and API-queried information. According to ZDNet, in June 2016, hackers stole 171 million VK accounts and attempted to sell the data, including plaintext passwords, for around $580 online. According to a report from cybersecurity company Cyfirma, the threat actor Hikki-Chan emerged earlier in 2024 and has previously targeted numerous Israeli companies and government institutions, including the Israel Police, the Ministry of Defense, and the Ministry of Welfare and Social Services.

Here are some of the measures we need to take to protect ourselves from this type of attack;

• Always use the most up-to-date security measures on your system,

• By using multi-factor authenticator (MFA) on your social network accounts, you not only need to enter your password, but also an additional verification step. This provides an additional layer of security,

• Your system should always be updated with the latest version,

• Do not click on links from people you do not know or access links in suspicious emails. These links may contain phishing attacks,

• Information about vulnerabilities and new threats should be regularly obtained from trusted sources.