Lawyer Alexander Babichev points out that access to data within

tanjimajuha20 · Post by **tanjimajuha20** » Wed Jan 22, 2025 4:44 am

How are leaks punished now?
Lawyers interviewed by Forbes disagreed on the bill. According to Alexander Kazus, a partner at the law firm Sonichev, Kazus and Partners, the clause on "repeated data leaks" speaks to the adequacy of the proposed punishment. It is now common practice to leak stolen data in parts, simulating repeated hacks, argues Sergey Sayganov. "That is, hackers unloaded a database as part of one cyberattack, leaked part of the data immediately, and the second part - six brazil whatsapp number database months later, while declaring a repeat attack. In this case, it is quite difficult for the company and managers to justify themselves and their infrastructure," he believes. In 2023, there were indeed cases where attackers passed off old leaked data as new major leaks to attract increased attention, agrees the FACCT representative.

the organization is not limited to one person, but to several dozen, including low-income employees. "In essence, people who receive small salaries operate with data worth many millions of rubles, and the temptation to use it is great," he believes.

In current judicial practice, liability for disclosure of personal data is mainly imposed on companies, says Maxim Morozov, managing partner of the KMK law firm. According to him, in the cases he analyzed at the request of Forbes, it was the legal entities that were responsible for the leaks. On average, it ranged from 25,000 to 70,000 rubles, while the courts most often imposed liability on banks in the amount of 60,000 rubles.

There are very few cases where top managers were held accountable for leaks, confirms Sergey Saiganov. More often, responsibility falls on the executors or the CEO, and the information security director usually ends up with a disciplinary sanction, or at most, dismissal. "As well as ordinary employees: in my practice, there have been no cases where an employee was punished within the framework of administrative or criminal proceedings for failure to prevent a leak," the expert notes.