Data Thefts in Russia’s Financial Sector Decline in 2025

The number of data thefts targeting Russia’s financial sector fell in 2025, according to Solar, a cybersecurity developer. The company recorded 24 publicly disclosed incidents involving unauthorized access to financial databases in 2025, down from 33 breaches in 2024. About 13 million records were exposed, 32 times fewer than a year earlier.

Overall attack volumes, however, have not declined. The financial sector faced 41 million cyberattacks over the year, fewer than in 2024, but attacks on financial institutions’ web applications surged to 30 million, a 1.7-fold increase. Experts say hackers are increasingly attempting more sophisticated operations aimed at stealing larger volumes of sensitive information.

Countering Threats at the State Level

On average, each company in the financial and insurance sector was targeted by 6,048 cyberattacks in 2025. The industry ranked fourth among all sectors by number of attacks. Analysts at Solar say companies need to step up employee training in digital hygiene to strengthen defenses. More than 30 percent of incidents were linked to internal threats, including staff violating security policies, using malicious software, or attempting to access restricted accounts.

One in five incidents at fintech companies involved attempts to steal and transfer confidential information. Professional APT groups typically seek to obtain such data to harm an organization or an individual.

Modern protection systems are enabling firms to fend off cyber fraud more effectively. Combating online crime has been elevated to the national policy level in Russia.