Information appeared on the network that hackers from the DumpForums and UHG groups hacked into the website of the Intourist tour operator (intourist.ru) and gained access to a database with personal data of customers.

The attackers extracted more than 5 million records from the database containing:

• Full name (including name / surname in Latin)
• telephone (about 119 thousand unique numbers in total)
• address
• Date of Birth
• floor
• citizenship and place of birth
• series/passport number (including foreign), date of issue/end
• tour date

According to experts, there are a lot of test and invalid entries in the database.

Representatives of Intourist have not yet commented on the situation. There is no mention of a possible security breach on the tour operator’s official website. However, the company warned that it changed users’ passwords for “security purposes.”

Intourist is one of the oldest and largest Russian tour operators, operating on the market since 1929. The company offers tours in Russia and abroad, as well as services for booking hotels, air tickets and visas.

UHG is a hacker group from Ukraine that specializes in cyberattacks against Russian organizations. They also call themselves “white hat” hackers who do not extort money for their actions, but only want to make the truth public.

One of the most famous UHG attacks was breaking network of clinical diagnostic laboratories “CITILAB”, which resulted in the theft of 14 TB of confidential data of customers and employees of the company, including the results of medical tests and information about the health of patients.