
Car Registrations May Point to Massive GRU Security Breach - tim333
https://www.bellingcat.com/news/2018/10/04/305-car-registrations-may-point-massive-gru-security-breach/
======
TACIXAT
>their listing in a publicly accessible database may constitute one of the
largest mass breaches of personal data of an intelligence service in recent
history

Pretty sure the OPM breach holds that record.

~~~
SEJeff
The CIA maintains their own personal files and does not use the OPM. Granted,
the theory is that China could cross reference the OPM hack data with foreign
diplomats coming to China to find which ones are the spooks, but the data on
spooks hasn't been compromised. At least not that we are aware of.

[http://www.slate.com/articles/technology/future_tense/2015/0...](http://www.slate.com/articles/technology/future_tense/2015/06/opm_hack_it_s_a_catastrophe_here_s_how_the_government_can_stop_the_next.html)

    
    
        Former NSA senior counsel Joel Brenner called the material “a gold mine for a foreign intelligence service,” declaring, “This is not the end of American human intelligence, but it’s a significant blow.” (Points to the CIA, which refused to have anything to do with the OPM and thus kept its own employees’ information safe.)

~~~
TACIXAT
The US has a lot of organizations in its intelligence community (beyond the
CIA) that were affected by this breach.

------
cryoshon
another fantastic piece of work by bellingcat! i am starting to worry for
their health, however.

bellingcat is basically the opposite of wikileaks. rather than repackaging
leaks from insiders, they just repackage information that is there for
everyone to see. can't fault em for that.

~~~
qaq
It looks like they most likely have photos of most GRU agents at this point so
will not be easy for them to travel now.

~~~
baybal2
There is a KGB hitman who was detained more than 10 (!) times all over Eastern
Europe, and Middle East, but was coming back again and again under new
passports

~~~
nyolfen
i think we can assume this was before facial recognition software was
available. if you get burned now it’s probably forever.

~~~
TrainedMonkey
There are a number of ways to fool facial recognition.

------
MaupitiBlue
All those millions of man hours of human capital investment in those
officers...

Burn.

Plus, it’s probably safe to assume this will be a gift that keeps giving.
Presumably there are other GRU locations where whoever was in charge of
registering GRU vehicles made the brilliant decision to register them all at.
Identify one, and you get them all.

------
clubm8
Are 100% of these registrations spies? Or could some legit diplomatics be
mixed in? (IIRC like the Americans, Russians use diplomatic posts as cover
majority of time)

~~~
travmatt
Bellingcat found car registrations registered to the GRU conservatory, where
GRU officers reside. This has nothing to do with diplomats.

------
baybal2
Very inconspicuously looking men they have there
[https://imgur.com/a/lBaE4Fk](https://imgur.com/a/lBaE4Fk)

------
sorokod
_The address to which the car was registered, Komsomolsky Prospekt 20,
coincides with the address of military unit 26165_

How long has this been known? The time between this information becoming
available to the time all public databases are searched for this address
matches is probably measured in minutes.

~~~
jtuente
According to a comment on Bellingcat, the vehicle has been registered since
2004.

~~~
baybal2
Likely a service car, paid by the shop. Otherwise, it would've been registered
on a residential address.

They are so poor.

------
prostoalex
How do they know it's not a red herring?

If you run an org with that level of security, you'd want to obfuscate public
databases with some fake details.

------
ggggtez
>blurred text in known font

Pretty sloppy. Anyone know if the blurred text has any interesting
information?

~~~
yorwba
My Cyrillic is rusty and my Russian nonexistent, but the field identifiers
seem to imply that they blurred passport numbers, addresses and telephone
numbers.

------
yasp
Bellingcat is a Western intelligence front, right?

~~~
tim333
It's mostly "British journalist Eliot Higgins" "who was operating out of his
living room in Leicester"
[https://www.bbc.co.uk/news/uk-45665380](https://www.bbc.co.uk/news/uk-45665380)

Though they've expanded now:

>"Up until about a year ago, we were mostly volunteers and I had three or four
people working with me," he says. "Over the last year we have expanded to 10
members of staff plus a translation team and our volunteers. So we've expanded
quite significantly."

~~~
_wmd
After a stint working in a related industry I see red flags every time I read
"citizen journalist", and Higgins is no exception, his day job is closely tied
to US government. That's not to say he's some government shill, his
investigative output is excellent, but put in context I personally can't
believe there isn't some reputational blemish to be noted. People rarely
achieve anything working alone, and these investigations are achieving a lot.

Although I won't link to it, you may be entertained by the paranoid ramblings
RT.com shares about him. Higgins is most certainly neither an altruistic white
knight (western view) or amateur propagandist (Russian view), the truth as
usual is a bit more complex and lies buried somewhere in between.

~~~
MaupitiBlue
My take was that he was fed by a Dutch source. Retribution for MH17.

But does it matter? The point of the story is humor, i.e. the collective
stupidity of the entire unit! Appearantly none of these cyber-geniuses
realized that if their personal car was registered to the base, then maybe
everyone else’s was too, and that might not be a good idea.

I’m not sure how the fact that this wasn’t some random youtube “citizen
journalism” makes it any less funny.

------
dsfyu404ed
Why was this flagged? I get that it's not the BBC or the NY Times but this is
about as "high quality" as journalism gets in a field where every potential
source has reasons to selectively reveal information of varying truthfulness
to mislead everyone else.

~~~
orbital-decay
At the very least, they're laser focused on certain topics and take sides,
which can indicate a huge bias in investigations they are pushing as neutral
and correct. (I didn't flag the article though, and I'm unable to tell if they
are really biased since I didn't follow their topics thoroughly)

------
onetimemanytime
Can you short "Bellingcat," their editors and investigators...I'm willing to
bet that Putin Inc is not thrilled about them.

------
threeando28
[throwaway, 26165]

July 2018 Robert Mueller indictments:
[https://www.justice.gov/file/1080281/download](https://www.justice.gov/file/1080281/download)

Name top of list: Viktor Borisovich Netyksho

Viktor's dissertation ["Mathematical and program support of computers,
complexes and computer networks"]:
[http://www.dissercat.com/content/vosstanovlenie-
parametrov-d...](http://www.dissercat.com/content/vosstanovlenie-parametrov-
diskretnykh-ustroistv-osnovannoe-na-pereotsenke-veroyatnostei-s-is)

