The cybercriminals put up for sale a database containing about 100 records of Russians who applied for a consumer loan at Dom.RF Bank. Writes about this RBC. The announcement appeared on April 3 on an unnamed site.

The publication got acquainted with a trial list of 10 users. As the journalists note, the records include a complete or almost complete set of data for all ten. They tried to contact the victims of the leak. Six answered the call, and four confirmed that they had applied to Dom.RF for a loan. There is no refutation of the others about applying for a loan yet.

The complete database can be purchased for 100 thousand rubles. Those interested can also buy separate data lines.

Representatives of “Dom.RF” confirmed the leak, explaining its vulnerability in the form for remote filing of applications. According to them, this is the first time that fraudsters have managed to gain access to external bank applications. Customer accounts remained inaccessible to cybercriminals. The company also said that the vulnerability has now been fixed, and all services are working as usual.

Pavel Ikkert, Managing Partner of Ikkert & Partners Law Firm, suggested that fraudsters could use the data of affected citizens for remote loan processing without the knowledge of the document holders. He also recommended that the victims change their passports and contact the police or prosecutor’s office about the leak.