Skip to content
Support
Sign In Subscribe
Data Breaches

Russian Defense Research Institute VNIIR-M Allegedly Breached, 116GB Listed For Sale

 and  Dark Web Informer
10 min read
Breach Report Russia flagRussia Defense

Russian Defense Research Institute VNIIR-M Allegedly Breached, 116GB Listed For Sale

A threat actor using the alias Rhodes is advertising the sale of a claimed 116GB dataset of around 125,000 files said to be stolen from VNIIR-M, described in the listing as a Russian scientific research institute focused on radio communications and electronic defense and involved in defense-related R&D. According to the post, the data allegedly spans military research and development activity, invoices and contracts, organizational and leadership structures, commercial details on partners, component sourcing and supply-chain records, an inventory of components used in Russian military systems, and projects involving weapon-system integration. The actor is offering it from $60,000 (non-exclusive) to $100,000 (exclusive) alongside a free sample teaser. The dataset's authenticity and scope are unverified.

Data~116 GB
Price$60k to $100k
CountryRussia flagRussia
ActorRhodes

Post details

TargetVNIIR-M, defense research institute
CountryRussia flagRussia
SectorDefense / Military R&D
Claim~116GB / 125k files for sale
DataR&D, contracts, component records
Sample~10GB free teaser offered
ObservedJun 17, 2026
Price$60k non-excl / $100k excl

!Allegedly included

  • ~125,000 files (~116 GB)
  • Military R&D activities
  • Invoices & contracts
  • Org & leadership structures
  • Partner commercial contacts
  • Component sourcing & supply chain
  • Inventory of military-system components
  • Weapon-system integration projects

Screenshots

VNIIR-M Russia alleged leak Screenshot 1 Screenshot 1 Redacted preview VNIIR-M Russia alleged leak Screenshot 2 Screenshot 2 Redacted preview

Potential impact

This sits in the critical tier because the listing allegedly involves internal data from a Russian defense research institute, including records tied to military components and weapon-system integration work. If authentic, exposure of contracts, sourcing, supply-chain and partner information could reveal procurement relationships and dependencies, expose named partner companies and individuals to targeting, and create espionage and operational-security risk for the institute. Internal organizational and leadership documents add further counterintelligence exposure. No technical specifications, component designs, sample files, seller contact details, or purchase information are reproduced here. Authenticity and scope are unverified.

iStatus

Unverified

A free sample, proof screenshots, and a sale listing were posted to an underground forum; the sample files, technical content, seller contact details, and purchase information are not reproduced here. The claim has not been independently confirmed and VNIIR-M has not publicly addressed it.

Want the non-redacted screenshots? Paid subscribers get all of the claim details and unredacted screenshots. Check out the threat feed or ransomware feed (whichever applies to this post), then after subscribing, search there for this alert to view the unredacted version. View pricing →

DARK WEB INFORMER - THREAT INTELLIGENCE

Related

Latest