In short: In the first half of 2026, the number of publicly posted database leaks from Russian companies fell 46% — 88 cases versus 162 a year earlier — and the volume dropped to 114 million rows. But your data is not safer: names, passport details, passwords and phone numbers still ended up in the open. Here is why postings fell and how to protect your own data.
What happened
On 7 July 2026, the firm F6 (its Threat Intelligence unit) published its half-year leak statistics: analysts recorded 88 new public database leaks involving Russian companies and organisations. That is 46% fewer than in the same period of 2025 (162 postings). The total volume of newly posted databases was 114 million rows — 43% less than last year's 200 million.
The decline accelerated in the second quarter: according to F6, the number of postings fell 70% versus the first quarter and the data volume dropped 97%. The figures were reported by Vedomosti and CNews. What is behind this drop — and whether it means your data is safe — we unpack below; for how network privacy works in general, see our blog.
Why are fewer leaks being posted?
The drop is not because companies stopped losing data, but because leaks became harder to publish. F6 points to several causes:
- the blocking in early 2026 of underground Telegram channels that used to distribute databases;
- the closure of some shadow forums and the unstable operation of criminal marketplaces;
- new rules on several platforms banning the publication of data tied to Russian and CIS organisations.
An important nuance: the statistics track public postings of databases. Data that was stolen but never dumped in the open is not counted — it may be sold in closed channels or used directly in attacks. In other words, fewer leak "storefronts" does not mean fewer stolen records.
What ends up in leaks, and why it matters
According to F6, the half-year's public dumps contained familiar but sensitive sets: full names, home addresses, passwords, dates of birth, passport details, mobile numbers and email addresses. Retail and online shops, education platforms, healthcare and the public sector accounted for the largest share.
For an ordinary person, such a set is dangerous not on its own but in combination. A leaked phone number and name is raw material for targeted scams and "calls from the bank". A password together with an email is a risk that your login-and-password pair will be tried automatically across hundreds of sites — this is called credential stuffing. And passport data is used for years to take out micro-loans and open fake accounts.
Does this mean I can relax?
No. First, 114 million rows in six months is still an enormous amount. Second, previously leaked databases do not disappear: they are resold, merged and reused years later. Third, the drop in publicity cuts both ways — if a leak never goes public, you may not even learn that your data was compromised and may fail to change your passwords in time.
The takeaway is simple: you cannot rely on "fewer leaks" as protection. Guard your data proactively, assuming that some of it is already out there.
How to protect your data
A unique password for every service. A password manager creates and stores long random passwords so a single leaked site does not unlock the rest.
Two-factor authentication. Prefer an authenticator app or a hardware key over SMS. It stops most automated password-stuffing attempts.
Share less data. Do not leave your passport or exact address where they are not required, and use a separate email for sign-ups and newsletters.
Check yourself in leaks. Services like Have I Been Pwned show which known breaches your email appears in — if it is found, change your passwords.
Shrink your network footprint. Let us be honest: a VPN will not remove your data from breaches that already happened, and it does not replace a password manager. But it covers the network half of the problem — it encrypts your traffic on untrusted networks so logins cannot be intercepted in transit, and hides your real IP from sites and your provider, reducing how much data is collected about you. See how LiMP VPN does it on our features page.
Sources
This report is based on coverage by Vedomosti, CNews and the official write-up by F6 on Habr from July 2026.
