Six files with tables in CSV format are in the public domain, which means that anyone can download them. Each file contains the data of about 100 thousand users (three databases with information from Avito users, and three more from Yula users). Each record contains information about the user's region of residence, phone number, address, product category, and time zone. The first database was uploaded to the hacker Forum on June 26, and the last one appeared there on July 22.
Russian media writes that they confirmed the relevance of at least part of the published data by calling users at the specified phone numbers.
A representative of Yula said that the uploaded files do not contain personal data of users of the service.
"They only contain information that anyone could get directly from the site, or by parsing (copying using scripts) ads.
Yula is extremely attentive to the security of our users and the safety of their data. We do not disclose information about addresses from ads even when parsing (and this is visible in the files) and allow our users to completely hide their phone numbers, accepting calls only through the service's app," said the service.
The press service of Avito also reported that the user data contained in the databases was publicly available and this is not a leak of information.
The head of the Zecurion analytical center, Vladimir Ulyanov, noted that it may even be a manual data collection since user numbers on Avito and Yula websites are usually covered with stars. The published information, in his opinion, can be used by fraudsters in social engineering.
