Russian Railways said they had conducted an audit after reports of hacking public Wi-Fi in Sapsan. The company did not find critical vulnerabilities that could lead to data leakage. This was reported by TASS with reference to the director of Russian Railways information technology Evgeny Charkin.
Charkin said that they would not modify the Sapsan system. “A protected system is that system, breaking it costs more than the value of the information that is there. That’s all, ”he explained.
Firstly, no personal data [in the system] is stored […] Why was it possible to hack? Probably because the attacker. There are no vulnerabilities that would affect the leakage of some critical data.
Russian Railways IT Director
On November 15, a user of Habr told how he hacked Wi-Fi in Sapsan while traveling from St. Petersburg to Moscow and said that passenger data was stored on the servers. The Russian Railways rejected the storage of personal data.