Names, birthdays, passport numbers, job titles – the personal information goes on for pages and looks like any typical data breach. But this data set is very different. It is said to contain the personal information of 1,600 Russian soldiers who served in Bucha, a Ukrainian city devastated during the Russian war and the scene of numerous potential war crimes.
The dataset is not the only one. Another is said to contain the names and contact details of 620 Russian spies who are registered to work in the Moscow office of the FSB, the country’s main security agency. No set of information has been published by hackers. Instead, they were released online by Ukrainian intelligence services, with all names and details freely available to anyone online. “Every European should know their names,” Ukrainian officials wrote in a Facebook post when they released the data.
Since Russian troops crossed Ukraine’s borders in late February, vast amounts of information about the Russian state and its actions have been made public. The data offers unparalleled glimpses into closed private institutions and could be a goldmine for investigators, from journalists to those tasked with investigating war crimes. In general, data comes in two forms: information proactively released by the Ukrainian authorities or their allies, and information obtained by hacktivists. Hundreds of gigabytes of files and millions of emails were made public.
“Both sides in this conflict are very good at information operations,” says Philip Ingram, a former colonel in British military intelligence. “The Russians are quite open about the lies they will tell,” he adds. Since the beginning of the war, Russian disinformation has been consistently debunked. Ingram says Ukraine needs to be more tactful with the information it releases. “They need to make sure that what they are reporting is credible and that they will not be caught telling lies in a way that would embarrass them or their international partners.”
The lists of suspected FSB officers and Russian soldiers were published online by Ukraine’s CIA in late March and early April, respectively. Although WIRED was unable to verify the accuracy of the data — and Ukrainian cybersecurity officials did not respond to a request for comment — Arik Toler, of the investigative center Bellingcat, tweeted that the FSB data appears to have been combined from previous leaks and open source information. It is not clear how current the information is.
Regardless, this appears to be one of the first times the government has doxed thousands of military personnel in one fell swoop. Jack MacDonald, a senior lecturer in military studies at King’s College London who has researched privacy in wartime, says that throughout history nations have maintained lists of their adversaries or attempted to create them. But they have often been associated with counterinsurgency efforts and have not usually been made public. “Openly publishing such lists to your opponent, especially on the scale that digital operations seem to allow, seems very novel,” says MacDonald.
