PRESS: Cbank leaks data of 120,000 blacklisted people, firms
MOSCOW, Apr 12 (PRIME) – Personal data on about 120,000 individuals and companies that were rejected by banks from June 26, 2017 through December 6, 2017 under the money laundering and terrorism financing law leaked from the central bank in the first such case ever, Kommersant business daily reported on Friday.
Individuals and individual entrepreneurs comprise the bulk of the leaked database, which discloses names, birthdates, and passport numbers of individuals, and names and taxpayer IDs of individual entrepreneurs. The list also comprises companies with names, taxpayer IDs, and primary state registration numbers, the business daily said.
Representatives of the central bank and the Federal Financial Monitoring Service say that such leaks within the regulator are impossible, but IT experts told Kommersant that it was the central bank’s fault because of errors in designing of a safe data transmission system.
The system works this way: a bank collects data on the clients that were rejected under the law that prohibits money laundering and terrorism financing, transfers it to the central bank, and the regulator transfers it to the service, which processes it and sends back to the regulator that distributes it to the banks in an aggregated state.
Alexei Rayevsky, CEO of developer of data security systems Zecurion, said that the leak could have happened in the central bank, in the service, or in any of banks. Only the central bank should have controlled the database, while the current state of the system does not ensure clear localization of the leak.
Amina Appayeva, lawyer at FMG Group, said that leaks are not only dangerous for clients because their personal information is disclosed. Information that clients are on the list may lead to difficulties with the banking services, problems with security services in job hunting, rejections to sign contracts, and other risks. Even law-abiding people can find themselves on the list, she said.
“Banks often blacklist lawful clients due to negligence or technical errors,” she said, as quoted by Kommersant.
End