A security flaw had exposed the personal data of at least 12 million users of Moscow’s citywide wireless Internet network, allowing potential hackers to track movements in the public transportation system for almost a year.
In a blog post last month, software engineer Vladimir Serov said he had uncovered the vulnerability on the metro’s publicly available WiFi authorization page. Maxima Telecom, the company that provides WiFi services in the Moscow metro, reportedly admitted that the security flaw had existed, but said in a statement that it had since removed the vulnerability by encrypting users' profile data, while rejecting media reports that there had been a massive data leakage.
The Moscow WiFi network exposed personal data “including phone numbers, gender, approximate age, marital status, wealth, your home and work stations,” the The-Village.ru website quoted Serov as saying Monday.
The insecurity allowed potential hackers to trace passengers' movements inside the metro, including their exact train carriage, Serov said.
According to Maxima Telecom, 12 million users were signed up to Moscow’s WiFi network as of late 2016, the latest year that figures were released. The same operator began providing WiFi access in the St Petersburg metro last year.
The Village traced the public network’s vulnerability back to at least May 17, 2017.
Maxima Telecom wrote that it had asked Smirnov to take down his blog post, which he declined to do and has since updated to confirm that the vulnerability has been “supposedly” removed.
“Why should I remain silent about my personal data being treated like this?” The Village cited the software engineer as saying.
A Message from The Moscow Times:
Dear readers,
We are facing unprecedented challenges. Russia's Prosecutor General's Office has designated The Moscow Times as an "undesirable" organization, criminalizing our work and putting our staff at risk of prosecution. This follows our earlier unjust labeling as a "foreign agent."
These actions are direct attempts to silence independent journalism in Russia. The authorities claim our work "discredits the decisions of the Russian leadership." We see things differently: we strive to provide accurate, unbiased reporting on Russia.
We, the journalists of The Moscow Times, refuse to be silenced. But to continue our work, we need your help.
Your support, no matter how small, makes a world of difference. If you can, please support us monthly starting from just $2. It's quick to set up, and every contribution makes a significant impact.
By supporting The Moscow Times, you're defending open, independent journalism in the face of repression. Thank you for standing with us.
Remind me later.
