Recent cyberattacks targeting major Russian companies have brought to light significant deficiencies in the country`s existing personal data protection framework. This assessment comes from Andrey Klishas, head of the Federation Council Committee on Constitutional Legislation, who shared his concerns via Telegram.
According to Senator Klishas, the current measures, which include turnover-based fines for data breaches, are “clearly inadequate” for effectively safeguarding both critical information infrastructure and the personal data of citizens.
He further emphasized that the Federation Council, in collaboration with the Russian government, is committed to continuing its work on developing and implementing new legislative initiatives aimed at bolstering personal data protection for all Russian citizens.
These statements emerge amidst a series of high-profile cyber incidents. On July 29, it was reported that “Semeyny Doktor” (Family Doctor), a large chain of medical clinics, fell victim to a cyberattack, resulting in the reported loss of its patient database.
Earlier on the same day, cybercriminals also targeted “Stolichki,” a prominent network of pharmacies. Authorities have indicated that operations are expected to be restored in the shortest possible time.
A day prior, on July 28, the operations of national airline “Aeroflot” were severely disrupted by a technical malfunction, leading to the cancellation of numerous flights from Russia. Hackers subsequently claimed responsibility for the incident, asserting that they had compromised the personal data of the airline`s customers. However, this specific claim regarding data compromise has not been confirmed by Roskomnadzor, Russia`s federal service for supervision of communications, information technology and mass media.
