Sensitive details of Covid-19 patients in Russia allegedly leaked on the Dark web

Since the onset of the COVID-19 pandemic, the huge repositories of medical data collected have played a pivotal role in analyzing the impact of the virus for ensuring the appropriate response along with effective planning and allocation of resources. However, the sensitive nature of the data collected has generated several security concerns related to protecting the COVID-19-related apps and databases.

Vulnerabilities and leaks were discovered in COVID-19 apps and systems used in Germany, Wales, New Zealand, India, and others. As recently as September 2020, PII of more than 10,000 individuals in India suffering from COVID-19 found its way to the Internet. The sensitive data comprised names, phone number, addresses and confidential information regarding whether they were cases of re-infection was made available online from alleged sources. In November 2020, a data leak exposed the personal information of millions of Brazilian COVID-19 patients.

While the attention is being directed at the frontline of patient care, cyber threats have descended from all directions with organized cybercrime pushing the cyber defenses of healthcare organizations. In the course of our routine Dark web monitoring, the Research team at Cyble found the post on a Russian-speaking forum where details of patients affected by Covid-19 virus, from Russia, were shared for free.

Some of the data fields from the lot are mentioned below–

  • Name
  • Date of Birth
  • Citizen of Russian Federation – Y/N
  • Passport
  • Address
  • Medical Analysis date, location, Result
  • Hospitalization Date
  • Hospital Name
  • Level of Severity
  • Comments about health from Medical Staff
  • Arrival date
  • Departure Date
  • Home Quarantine Address, Status
  • List of medicines being given to patient
  • Level of oxygen in patient

along with many other sensitive details

Such kinds of medical data leak exposures have the potential to be extremely damaging to the patients who now face the risk of financial fraud and identity theft, in addition to battling the virus. The rising number of such data leaks not only reaffirms the need for updated cybersecurity measures but also underlines the importance of training medical staff in handling the data responsibly. The need of the hour is to raise awareness about the heightened risk of COVID-19 themed phishing attacks.

Here are a few ways to prevent cyber-attacks:

  • Never click on unverified/unidentified links
  • Do not open untrusted email attachments
  • Only download media from sites you trust
  • Never use unfamiliar USBs
  • Use security software and keep it updated
  • Backup your data periodically
  • Keep passwords unique and unpredictable
  • Keep Software and Systems up to date
  • Train employees on Cyber Security
  • Set up Firewall for your internet
  • Take a Cyber Security assessment
  • Update passwords regularly

People who are concerned about their information exposure can register on Cyble’s data breach monitoring and notification platform,, to ascertain the risks at no cost. Also, Android users (Link) and iOS users (Link) can gain full access to it just by downloading the mobile application.

About Cyble

Cyble is a global threat intelligence SaaS provider that helps enterprises protect themselves from cybercrimes and exposure in the darkweb. Cyble’s prime focus is to provide organizations with real-time visibility into their digital risk footprint. Backed by Y Combinator as part of the 2021 winter cohort, Cyble has also been recognized by Forbes as one of the top 20 Best Cybersecurity Startups To Watch In 2020. Headquartered in Alpharetta, Georgia, and with offices in Australia, Singapore, and India, Cyble has a global presence. To learn more about Cyble, visit  

Scroll to Top