The most successful cyber-attack in the history of Belarus, involving entry to the regime’s most secret and sensitive data vaults, has been revealed by a group calling itself Belarusian Сyberpartisans. The scale of the hack is unprecedented.

Hitherto known for pinprick attacks on the state structures of Aliaksandr Lukashenka’s regime, the group announced its hack late last month.

Cyberpartisans accessed enormous amounts of data from archives across Belarus. It downloaded material from sections of the AIS Pasport (АИС Паспорт) database, which contains all personal details of every Belarusian citizen including passport photos, home address, and place of work. Most damagingly, AIS Pasport also included the restricted section containing information about KGB and other special services employees. As proof, the group published information on senior KGB officers, as well as those of the deposed Kyrgyz President Kurmanbek Bakiyev, who has been hiding in Belarus for the past decade. Cyberpartisans, whose members and location are not known, passed the material to Belarusian journalists, who confirmed the authenticity of the database.

The regime has made no admission about these events. However, on 12 July, the Belarusian Interior Ministry issued a statement explaining that many of its services had failed “due to the abnormal heatwave,” and it would take at least a week to restore their operation. From 8-16 July, many Interior Ministry services had been inaccessible, including car registration and fine payment services. While the government statements were untrue, they did nonetheless inspire the cyberhackers to name their digital break-in Operation Heatwave.

The hack went still further, capturing data from the AIS GAI-Centr (АИС ГАИ-Центр) database used by traffic police, downloading everything including details of every vehicle and its owner, pictures of all driver licenses, information about fines, violations, special vehicles used by police and secret services and much more.

Cyberpartisans also downloaded the last 10 years of emergency calls, containing all personal details of regime informers who reported on co-workers and neighbors for organizing local gatherings, displaying the old Belarusian white-red-white flag and similar crimes against the regime.

Image: Telegram post by Cyber Partisans claiming to have launched “the largest-scale cyberattack in the history of the Republic of Belarus,” stating that the attack was a strike at the “terrorist regime” in response to its continued repression against civil society and the independent media.

Image: Telegram post by Cyber Partisans claiming to have launched “the largest-scale cyberattack in the history of the Republic of Belarus,” stating that the attack was a strike at the “terrorist regime” in response to its continued repression against civil society and the independent media.


And perhaps most importantly Cyberpartisans downloaded terabytes of tapped phone calls of the entire security apparatus – from an ordinary police officer in a remote town to the Interior Minister himself, and even KGB handlers talking to their sources.

The group also claimed it had hacked into all speed and surveillance cameras across the country and suspended over 125,000 fines. This fits with the group’s early modus operandi last year when it took control of Belarusian state TV websites and replaced the live transmission with footage of police brutality.

In addition, the hackers entered the Interior Ministry’s personnel department files and took possession of every employee’s personal data and work history, including details of any disciplinary or criminal offenses committed.

What might emerge from this mountain of material is hard to know, but it could be very significant based on early indications. Belarusian journalists reviewing AIS Pasport have already been able to prove that during the covid-19 pandemic Belarusian authorities failed to report over 32,000 deaths – 17 times more than official statistics suggest.

There are of course valid concerns about this volume of private information in the hands of hackers. The only safeguard is in the hackers’ professed ethics. Cyberpartisans said: “All the data obtained will only be used for deanonymization of regime accomplices, ordinary people have nothing to fear. We have better data protection [than the regime], and after our victory, we will delete everything.”


Photo: Riot police officers detain a participant in the Dziady opposition march in Independence Avenue. The annual march is held by the Belarusian opposition from central Minsk to Kurapaty, a mass burial site of victims of Stalinist repression, on the eve of Dziady, the day of remembrance of the deceased ancestors. Mass protests are held in Belarus since August 9, the 2020 presidential election. Credit: Stringer/TASS.

WP Post Author

Tadeusz Giczan

Tadeusz Giczan is a nonresident fellow at the Center for European Policy Analysis (CEPA).

Giczan is a London-based journalist with NEXTA, Belarus’s largest telegram channel, and a PhD candidate at the University College London, School of Slavonic and East European Studies. He does research on political and economic elites, patronal politics, and clientelism in modern Belarus, including the role and activities of individuals and structures in the shadow of president Lukashenka who underpin and benefit from his regime.

Originally from Minsk, Belarus, he graduated from the Nicolaus Copernicus University with a BA in military studies. He also earned a master’s degree in international relations from the University of Warsaw.

See author's posts

August 13, 2021

Europe’s Edge is an online journal covering crucial topics in the transatlantic policy debate. All opinions are those of the author and do not necessarily represent the position or views of the institutions they represent or the Center for European Policy Analysis.