Hackers Allegedly Hacked Russian-Cyprus FinTech Qiwi

Hackers from Network Battalion 65 (NB65), a group linked to the decentralized hacktivist collective Anonymous, claimed in a tweet they had hacked the Nasdaq-listed Russian-Cyprus payment processor Qiwi (PC42 profile), a major provider of payment and financial services for the CIS countries.

The message posted by the @xxNB65 on Twitter notes that Qiwi also offers the most widely used payment app in Russia — that being the main reason why it was targeted. The Qiwi payment network has more than 16,6 million wallets and virtual cards.

The self-proclaimed hackers say they have encrypted Qiwi’s networks with a ransomware kit. NB65 also claims it has the credit card data of around 12.5 million of the company’s clients and about 30 million payment records. The hackers gave Qiwi three days to contact them.

We will release 1 million records each day after your 3-day contact period has expired. You should probably reach out to us soon if you want your business to survive,” the hackers have warned, adding that if there’s someone to blame for the situation, that’s Russian President Vladimir Putin.

Since Russia invaded Ukraine, the group has targeted the websites of the Kremlin, the State Duma, and the Defense Ministry, attacked Russian TV channels, and released millions of emails. In March, the collective said it had published 28GB of Bank of Russia documents.

Qiwi denies being hacked, stating that its payment services are operating normally and insisting its customers’ personal information is safe.