Massive Data Breach at VK (VKontakte) Exposes Over Half of Users’ Information

VK (VKontakte), the largest Russian social media and networking service, has reportedly suffered a massive data breach that impacted more than half of its users. According to a threat actor known as Hikki-Chan on BreachForums, VK experienced a significant data breach in September 2024, with the data being made available for download at a minimal cost.

The breach exposed the personal information of hundreds of millions of users, including basic identification and location details. The compromised data includes ID numbers, names, surnames, sex, profile images, countries, and cities. The uploaded archive contains 390.4 million records, taking up 27.6GB of storage space when uncompressed.

VK, which has 1.1 billion monthly visitors and is the 23rd most visited website globally, stated that there have been no security breaches involving personal information. The company claimed that the data was collected from publicly available sources and does not contain any confidential information.

This is not the first time VK has faced a data breach. In 2022, the platform experienced a leak of over 126GB of data, and in June 2016, hackers stole 171 million VK accounts. The threat actor Hikki-Chan has targeted various organizations in the past, including Israeli companies and government institutions.

As VK deals with the aftermath of this latest breach, users are advised to remain vigilant and take necessary precautions to protect their personal information online. The incident serves as a reminder of the importance of robust cybersecurity measures in today’s digital age.