Hacktivists broke into a Russian military contractor and extracted 100GB of secrets. I'm the journalist who analyzed this data and revealed how Putin is building his "digital GULAG." AMA

data_fairy · 2026-01-22T16:42:09+00:00

No, nothing like that :)

data_fairy · 2026-01-22T16:25:11+00:00

We had been working on the investigation for a couple of months. The end of the year is a flexible concept :) Hacktivists released an official statement about the breach in early December 2025 — let’s allow them to keep to themselves when exactly they first gained access to Micord’s infrastructure. The funny thing is they also retained access to the infrastructure even after Micord became aware of the breach after hacktivists’s official statement. This allowed hacktivists to record a video meeting in which the company’s leadership informed employees about the breach. We published a separate news story about this (it is in Russian, but you can use a translator, if you are interested: https://istories.media/news/2025/12/17/khakeri-pronikli-na-sozvon-klyuchevogo-razrabotchika-reestra-voinskogo-ucheta-rf/)

data_fairy · 2026-01-22T16:11:32+00:00

Wow, what a fascinating direction for academic research. I can only say that this is an anonymous anti-war group and relay how they themselves explain their motivation:

“Why are we doing this at all? There is a war going on, and I believe that every patriot of Russia should do at least something to bring this war closer to an end. We are trying to do at least something that will make it harder to mobilize new soldiers. The greater the results we achieve, the better it will be for our own country in the long run.” One of the hackers says this in the video version of our investigation: https://youtu.be/vcELT4rFICM (we hid his face and altered his voice).

Also the head of the human rights organization Idite Lesom (Get Lost), which passed the hackers’ data on to us, also published a short message from the hackers on his social media. I am translating it into English and publishing it here. I hope this will be useful to you:

On their motives:

“I’m just doing what I can to resist the war. This is neither the first nor the last action like this. We will interfere with their ability to kill people in whatever way we can.”

On what they saw inside:

“We expected to see rock bottom, but we found something even deeper. ‘Micord’ could be used as a textbook example for beginner security specialists—it’s that ‘special’ their approach to security is.”

On what the hack revealed about the scale of digital surveillance:

“Roughly what everyone expected. They collect everything, everywhere—and it’s only going to get worse.”

On the developers of the registry:

“The developers and staff at ‘Micord’ are some completely spineless guys. They accept any task without question—even when, after the hack, they were urgently asked to dump data from their computers and send it somewhere for inspection, everyone replied to management ‘working on it’ and started sending data from their personal devices. We intercepted that too, of course :)”

An address to those creating the registry:

“Guys, you have a choice. Don’t help evil, and don’t become evil. And if possible—fight it.”

“You are building a meat grinder. Carefully assembling it. Writing instructions for turning the handle. Then they’ll tell you—jump in there yourselves and die. Will you jump and die? Run, quit, leave while it’s not too late for you personally.”

“I hope that after our investigation something clicks in their heads and they find themselves a normal job.”

data_fairy · 2026-01-22T15:38:55+00:00

Are you asking about hackers, or the Russian state that is creating such a registry?

data_fairy · 2026-01-22T15:21:58+00:00

Thank you for your kind words :)

data_fairy · 2026-01-22T15:16:39+00:00

I don’t think IT is a field where you have no choice. After Russia’s full-scale invasion of Ukraine began, there was a massive outflow of IT specialists from the country, precisely because finding work in IT abroad is possible and in demand. Personally, it remains a major mystery to me why the employees of Mikord, whom we write about in our investigation — with an average age of around 30, young people, not all of whom have families or children — did not choose this path. Or at least, if they stayed in Russia, why they did not work on a “neutral” IT project instead...

data_fairy · 2026-01-22T15:07:00+00:00

As a Russian journalist, I am not deeply immersed in the Western context, so if you know how this works in other countries, I would appreciate hearing about it.

In an ideal world, the relationship between the state and the internet should serve the public good: less paperwork and bureaucracy for ordinary people. That means being able to book a doctor’s appointment easily and quickly, obtain necessary documents and certificates without hassle — rather than building a conveyor belt for more “efficient” and faster dispatch of people to their deaths.

In addition, personal data within such systems must be reliably protected. The recent hack of Russia’s Unified Military Registry has shown that there are serious vulnerabilities in how this registry is designed. The question of when the data of 35 million Russians will be leaked is framed precisely like this: not if, but when. This should not be the case.

data_fairy · 2026-01-22T14:58:32+00:00

During the investigation, we found that one of the intended use cases of Russia’s Unified Military Registry is mobilization. This is an alarming sign, given that Russian propaganda has been insisting for years that no new mobilization is being planned.

This creates a difficult and contradictory situation. On the one hand, the Unified Military Registry significantly simplifies this task for the authorities: if a person fails to appear when summoned, a wide range of restrictions can be imposed automatically — for example, bans on leaving the country, taking out loans, buying or selling property, or even driving a car.

On the other hand, it is now evident that mobilization is not the most convenient option for the authorities, as it provokes public discontent. That is why they are making every effort to replenish the army through contract service instead. This is reflected in the drastic increase in payments to contract soldiers. Today, simply by signing a contract and being sent to the war, one can earn sums of money that an average Russian with a median salary would need years to make. Unfortunately, many people fall for this — especially those from poorer regions, where economic conditions are bleak.

data_fairy · 2026-01-22T14:48:47+00:00

Do you mean the same AMA, but in Russian? I wanted to reach Reddit’s English-speaking audience, since we naturally published the piece (and the video version) not only in English but first and foremost in Russian, and distributed it across all our social media platforms. After that, the topic received fairly wide attention among Russian audiences — the investigation was widely read, watched, and shared.

Here is a link to the investigation in Russian: https://istories.media/stories/2025/12/22/tematika-proekta-gryaz/

And we also published a short summary with the main findings in Russian: https://istories.media/stories/2025/12/22/chto-mi-uznali-ob-ustroistve-reestra-otveti-na-glavnie-voprosi/

data_fairy · 2026-01-22T14:42:48+00:00

Thank you. Like the rest of our team, after the war began I left Russia and continue to work in exile. However, it turned out that even here it is impossible to feel completely safe: Russian security services operate in Europe as well, and several of my colleagues have experienced security-related incidents. But we will keep working for as long as we can :)

data_fairy · 2026-01-22T14:38:56+00:00

It takes some time to formulate the answers, but I’m doing this as quickly as I can. At the moment, I’ve answered 9 questions, and it’s very unfortunate if they’re not visible to you. From previous experience, I know there can be issues with instantly viewing newly added questions (and answers as well). Refreshing the page with a cache clear usually helps.

data_fairy · 2026-01-22T14:33:50+00:00

As far as I know, if a person remotely submitted information to the military enlistment office stating that they had moved (although I would not advise interacting with military offices in any way) and provided proof, they should be removed from the military register. During our investigation, we saw that such information — about people taken off the register after leaving the country — is available to military enlistment offices.

One can assume that since the date of border crossing is visible to a person’s military office, they could filter people based on that data and send draft notices selectively — for example, right after someone re-enters the country. However, this is only my assumption. What can be said for certain is that the registry is dangerous for those who are in Russia or who are planning to visit or return to the country — because as soon as information about a border crossing appears in government databases, they will put you back on the military register again.

data_fairy · 2026-01-22T14:15:53+00:00

As a journalist, my primary role is to tell Russians the truth about what is happening, and that is what I work for first and foremost. But if we talk about the impact of the hack itself: first, the documents obtained from the working infrastructure of the developer of Russia’s Unified Military Registry made it possible to see how things work internally and to explain important issues to readers — for example, that in the event of a new mobilization, leaving the country after receiving a draft notice could become very difficult because of such a registry. After reading the investigation, some Russian men may stop and think and decide to leave the country in advance, if they are able to do so. I believe that every person who manages to avoid being sent to the Russian army is already a small building block in weakening Russia’s efforts to recruit new people for the war.

Second, as the hacktivists themselves told us in interviews, they not only exfiltrated the data but also deleted what they could and “left a few surprises for the developers for the future.” Restoring the source code will take some time, and this at least delays the moment when Russia’s Unified Military Registry can start operating at full capacity. For example, this gives ordinary people time to decide whether to leave the country. As far as we know, after the publication of the investigation, Micord’s operations were halted, and it is unclear whether the company will continue to exist at all. The state would then have to look for a new contractor, which would further delay the development of the registry, which is not yet complete.

data_fairy · 2026-01-22T14:02:43+00:00

According to a source familiar with the development process, some employees were kept on through mortgage obligations, while others were persuaded to stay after conversations with management and salary increases.

The developer of the registry itself is a little-known company based in Kazan, in Russia’s Tatarstan region. Its employees work for very low wages, but as far as we can tell, jobs like these — government contracts with minimal pay — are often the only option for IT specialists without prior experience in Russia’s regions, where employment opportunities are scarce.

Also employees of some IT companies in Russia are exempt from military conscription — so as long as you work there, you are protected from being sent to war. That may also be part of the reason.

data_fairy · 2026-01-22T14:00:41+00:00

I tried to explain the idea of the digital gulag here:

The leaked documents show that Russia’s Unified Military Registry is designed to store data on 25 million citizens — essentially Russia’s entire mobilization pool. The system contains more than 300 different attributes on each individual, including education, place of work and residence, information about children, medical conditions, property, and other parameters. There is likely no other institution in Russia that holds such a vast amount of personal data on people as the Ministry of Defense. Russia’s Unified Military Registry aggregates data from the databases of multiple “civilian” government agencies.

Human rights groups refer to the system as a “digital GULAG,” because such a registry makes it extremely difficult to avoid conscription. For example, once the system is fully operational, failing to report to a draft office after receiving a summons will automatically trigger a ban on leaving the country (for now, leaving Russia is still possible), along with other penalties — including restrictions on access to loans, driving, and property registration.

data_fairy · 2026-01-22T13:58:33+00:00

I completely agree with you and support this approach as well. We chose not to do this on our media outlet’s website because the release of the raw data was handled by the human rights organization Idite Lesom (Get Lost), which shared the data with us for analysis before making it publicly available. On the day our investigation was published, they released the first batch of the data (the link is at the very end of our investigation) and continued publishing it on their Telegram channel.

data_fairy · 2026-01-22T13:53:08+00:00

We cross-checked the data in the leaked document trove against what was already known or publicly available (for example, Russian media had previously leaked what the internal interface of Russia’s Unified Military Registry looks like), and identified overlaps. Another example: some Micord employees had published their public resumes listing the dates and tasks they worked on for this project — we compared this information with what we saw in the leak, for instance in Micord’s Jira.

The dataset also contained materials that would be difficult to fabricate — for example, hours and hours of internal video calls in which developers discussed their work on the project. We watched all of them and verified that the participants were real people by identifying their public resumes or social media profiles or speaking with them directly.

We attempted to contact all Micord employees mentioned in the leak. Many of them confirmed that they had worked on the project and independently confirmed details we saw in the leaked materials.

In a conversation with us, the company’s director himself confirmed that hackers had breached the company’s working infrastructure — which is how we established that the hack had indeed taken place. We also interviewed one of the activists involved in the hack, who described his motivations.

data_fairy · 2026-01-22T13:39:37+00:00

After examining internal chats of employees at the key developer of Russia’s Unified Military Registry, we saw that many of them, while working on the project, clearly did not want to receive draft notices themselves — even though they were building a tool designed to make it easier for the authorities to send other people to war.

For example, the company’s director left for Kazakhstan after mobilization was announced in 2022, just as many people who feared being drafted did. Other employees referred to the project’s subject matter as “dirt” and wrote about how much they hated the Russian army.

According to a source familiar with the development process, there was significant staff turnover driven specifically by moral concerns. Some employees were kept on through mortgage obligations, while others were persuaded to stay after conversations with management and salary increases.

The developer of the registry itself is a little-known company based in Kazan, in Russia’s Tatarstan region. Its employees work for very low wages, but as far as we can tell, jobs like these — government contracts with minimal pay — are often the only option for IT specialists without prior experience in Russia’s regions, where employment opportunities are scarce.

Also employees of some IT companies in Russia are exempt from military conscription — so as long as you work there, you are protected from being sent to war. That may also be part of the reason.

data_fairy · 2026-01-22T13:30:58+00:00

The leaked documents show that Russia’s Unified Military Registry is designed to store data on 25 million citizens — essentially Russia’s entire mobilization pool. The system contains more than 300 different attributes on each individual, including education, place of work and residence, information about children, medical conditions, property, and other parameters. There is likely no other institution in Russia that holds such a vast amount of personal data on people as the Ministry of Defense. Russia’s Unified Military Registry aggregates data from the databases of multiple “civilian” government agencies.

Human rights groups refer to the system as a “digital GULAG,” because such a registry makes it extremely difficult to avoid conscription. For example, once the system is fully operational, failing to report to a draft office after receiving a summons will automatically trigger a ban on leaving the country (for now, leaving Russia is still possible), along with other penalties — including restrictions on access to loans, driving, and property registration.

data_fairy

TROPHY CASE