Russia’s NKTsKI warns financial sector organizations about a breach at major Russian IT service and software provider LANIT.
Russia’s National Coordination Center for Computer Incidents (NKTsKI) warns the financial sector of security breach at IT service and software provider LANIT, potentially affecting LANTER and LAN ATMservice.
According to the security breach notification published by GosSOPKA, the attack occurred on February 21, 2025.
“On February 21, 2025, FinCERT notified credit and financial sector organizations about a possible compromise of LANTER LLC and LAN ATMservice LLC, which are part of the LANIT group of companies.” reads the security breach notification published by GosSOPKA. “The NKTsKI recommends that all organizations change passwords and keys for accessing their systems operated in LANIT data processing centers as soon as possible. If the developments and software products of the LANIT group of companies are used in your infrastructure and LANIT engineers are provided remote access to them, it is also recommended to change the connection data.”
NKTsKI recommends organizations to strengthen monitoring of threats and information security events in systems provided by LANIT.
LANIT Group (Laboratory of New Information Technologies) is one of Russia’s largest IT service and software providers. Founded in 1989, LANIT offers a wide range of IT solutions, including system integration, software development, cybersecurity, cloud services, and IT consulting. The group serves various sectors, including finance, government, healthcare, and telecommunications.
LANIT has multiple subsidiaries, such as LLC LANTER and LLC LAN ATMservice, which focus on financial IT solutions, including payment processing and ATM services. The company plays a significant role in Russia’s digital infrastructure and has partnerships with global IT vendors.
In May 2024, U.S. Treasury sanctioned LANIT due to its role in facilitating Russia’s acquisition of technology and equipment for its war machine.
“LANIT Incorporated (LANIT) is a Russian information technology company whose customers include the Russian Ministry of Defense and U.S.-designated military-industrial base entities such as Rostec and United Aircraft Corporation.” said U.S. Treasury.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, NKTsKI)
