The user NoraQ published in «Habrahabr» is the process of hacking the website of the Federal service for supervision in education and science (Rosobrnadzor). This was done not with malice, but in the end managed to get these 14 million users.
The problem lay in the form of verification of authenticity of diplomas, using input forms it is possible to send commands to the server including open database. As the result — name, SNILS, INN, date of birth, passport numbers and diplomas 5 GB in size. For such actions under article 272 of the criminal code to prison terms of up to four years, so the repeat is not necessary.
Form verification of documents of Rosobrnadzor
Most resent the fact that all this time while rocking the file no one even thought about IP blocking or any other protection, that is the site of Rosobrnadzor, we can say that protection is absolutely absent.
NoraQ noted that to sell data collected is not going to, and the purpose of the publication to talk about the problem.