-
A hacker leaked the entire MAX.ru messenger user database. It contains 46.2 million records with names and phone numbers.
-
The hacker claims to still have internal access, including access to systems like Salesforce and admin dashboards.
-
The breach is a major blow to a platform often linked to the Russian government. It highlights systemic digital vulnerabilities.

One of Russia’s biggest messaging apps just got breached, and user info for millions of people dumped on the dark web.
The records leaked aren’t just the usual boring data either, we’re talking super personal details. It’s one of the nastiest leaks Russia’s ever seen, at least in recent years, raising serious questions about data security in the country.
The Breach Details
A hacker using the alias Titusko25357 is responsible for the leak. They posted the data on the dark web marketplace DarkForums. The hacker claims it is the complete MAX.ru messenger database.
We are talking a dump containing 46.2 million user records – names, surnames, phone numbers—all in Russian. Screenshots provided show sample data with real user details. Imagine waking up and finding out your details are floating around in hacker-ville.
This confirms the authenticity of the leak. It indicates a large-scale compromise of the platform. The hacker also made bold claims about ongoing access. They stated they maintain VPN access to internal tools.
This includes access to Salesforce and administrative dashboards. Such access could allow for further damage. MAX Messenger has long earned a reputation as a government-linked communication app.
The breach is a severe embarrassment. Online commentators quickly reacted with jokes. They noted that “MAX’s database is now not only with the FSB.”
A Pattern of Vulnerabilities
This incident isn’t isolated, Russia recently experienced other massive data breaches. Another hack resulted in the theft of 3 terabytes of personal data.
That data came from two major SMS service providers. The leaked information was highly sensitive. It included bank verification codes and private messages.
This exposed the privacy of millions more citizens. Experts claim that these breaches undermine the idea of “sovereign internet” in Russia and that the country’s hype around independence in cyber space is no longer credible.
These breaches reveal a continued high vulnerability to global hacking groups. The security of Russia’s digital infrastructure is now in serious question.
The Stolen Data Lifecycle
Stolen data immediately becomes a commodity. Hackers trade it for profit on the dark web. They sell it on hidden, non-indexed sites.
These markets offer anonymity from law enforcement. People also trade data on encrypted messaging apps like Telegram. Hackers create private channels for buyers and sellers.
Some data ends up on invite-only forums on the surface web. Operators heavily moderate these forums to avoid detection, and they usually sell the data quickly.
It is most valuable when it is fresh and usable. In this case, someone posted the MAX user data publicly on a forum. This makes it freely available to any malicious actor.
The leaked information is a goldmine for criminals. They can use it for phishing scams and identity theft. Having your name and number floating around out there is basically like handing scammers a loaded weapon. It’s wild how one leak turns into a goldmine for social engineers – they’ll know who you are, how to get ahold of you, and probably even what you do on your break time.
Honestly, if you still think any app or service is totally bulletproof, we’ve got a bridge to sell you. Hackers keep leveling up, and most companies are just scrambling to catch up. With this stolen already lurking on the dark web, we’d bet this is only the first domino to fall. Things could get messier for a whole lot of people real soon.