That risk isn't bigger than anywhere else since we are talking about private company really concerned about security. How many leaks were there through government channels from Mail.ru Group or Yandex? None, and the reason is that, given all necessary security measures taken, you cannot just copy such a database to CD. The access will be limited to few well-paid people in IT Ops, the database can be secured using a solution certified by FSB (and even if FSB will hack it, these guys do not expose themselves by selling CDs on Gorbushka).
«A vendor going by the online handle of “saul_berenson” is selling 57 million Mail.ru accounts on darknet in BTC 1.0000 (628.78 US Dollar).
The sold data includes emails and MD5 passwords of Mail.ru users. According to the seller, “these passwords are very easy to crack.” Remember Mail.ru was hacked twice, one in July and August 2016 when 27 million accounts were stolen and before that in May 2016 when 57 million accounts were stolen. We suspect that the stolen data is from May 2016 breach.
Yandex is another Russian Internet giant serving as the country’s largest search engine and like Mail.ru the corporation has been under attack by hackers numerous times. However, now, a vendor is selling 6.5 million Yandex accounts containing emails and passwords. The total number of sold accounts is 659,5756 with both hashed and clear-text passwords.»
The whole idea of an government operation, like that, is to put finger first, then whole hand. When data will be in Russia, government will demand 24x7 access to it. Then data will be copied somewhere, then sold.
Seriously? I can give you free access to credentials from 164,611,595 LinkedIn accounts right now. This data has been copied and sold many times over with zero help from any government.
