Senator Andrei Klishas, head of the Federation Council Committee on Constitutional Legislation, has stated that current measures for personal data protection in Russia are insufficient, a conclusion drawn from recent cyberattacks on Russian companies.
According to Klishas, “recent events clearly indicate that the measures taken to secure information infrastructure and citizens` personal data, including turnover-based fines, have proven to be inadequate.”
He further noted that the Federation Council, in collaboration with the Russian government, will continue developing legislative initiatives in this critical area.
Recent incidents highlighting these vulnerabilities include a cyberattack on the “Semeiny Doktor” clinic chain on July 29, which reportedly led to the loss of patient databases. On the same day, the “Stolichki” pharmacy chain was also targeted by cybercriminals, with promises of swift service restoration. Earlier, on July 28, the airline “Aeroflot” experienced a major technical failure that paralyzed its operations, leading to numerous flight cancellations across Russia. Hackers later claimed responsibility for the Aeroflot disruption and asserted that customer personal data had been compromised, though this claim was not confirmed by Roskomnadzor.
Clement Ashworth 
Barnaby Whitfield