Russian Software Firm Kaluga Astral Hit by Cyberattack, Disrupting Critical Business Services
Russian software provider Kaluga Astral confirmed a cyberattack earlier this month that disrupted key services for nearly a week, impacting businesses reliant on its tax reporting, electronic document management, and authentication systems. The company, which serves government agencies, banks, and state-owned enterprises including Russian Post and Moscow’s public transport operator stated that recovery efforts prioritized security over speed, delaying full restoration.
While Astral’s internal investigation found no evidence of customer data leaks or compromise, the attack caused widespread operational issues. Customers reported interruptions in cash register functionality, restricted sales of regulated goods, and loss of access to corporate portals, email, and digital certificate-based authentication. Russian authorities are involved in the investigation, limiting the company’s public disclosures on the incident’s origin or technical details.
This is not the first cybersecurity incident involving Astral. In 2022, the company suffered a DDoS attack that disrupted reporting services, though the perpetrators remain unidentified. Additionally, the IT Army of Ukraine, a hacktivist collective, listed Astral as a target in 2023, though no confirmed breach has been linked to the group in either the previous or current attack. The motive and attribution behind the latest incident remain unclear.
Kaluga Astral cybersecurity rating report: https://www.rankiteo.com/company/kaluga-astral
"id": "KAL1781540804",
"linkid": "kaluga-astral",
"type": "Cyber Attack",
"date": "6/2026",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"{'affected_entities': [{'customers_affected': ['government agencies',
'banks',
'state-owned enterprises',
'Russian Post',
'Moscow’s public transport '
'operator'],
'industry': 'Technology',
'location': 'Russia',
'name': 'Kaluga Astral',
'type': 'Software Provider'}],
'data_breach': {'data_exfiltration': 'No evidence of data exfiltration'},
'description': 'Russian software provider Kaluga Astral confirmed a '
'cyberattack earlier this month that disrupted key services '
'for nearly a week, impacting businesses reliant on its tax '
'reporting, electronic document management, and authentication '
'systems. The attack caused widespread operational issues, '
'including interruptions in cash register functionality, '
'restricted sales of regulated goods, and loss of access to '
'corporate portals, email, and digital certificate-based '
'authentication.',
'impact': {'data_compromised': 'No evidence of customer data leaks or '
'compromise',
'downtime': 'nearly a week',
'operational_impact': 'widespread operational issues, restricted '
'sales of regulated goods, loss of access to '
'critical services',
'systems_affected': ['tax reporting systems',
'electronic document management systems',
'authentication systems',
'cash register functionality',
'corporate portals',
'email',
'digital certificate-based authentication']},
'investigation_status': 'Ongoing',
'references': [{'source': 'Cyber Incident Description'}],
'response': {'communication_strategy': 'Limited public disclosures on the '
'incident’s origin or technical '
'details',
'law_enforcement_notified': 'Russian authorities are involved in '
'the investigation',
'remediation_measures': 'Recovery efforts prioritized security '
'over speed'},
'title': 'Russian Software Firm Kaluga Astral Hit by Cyberattack, Disrupting '
'Critical Business Services',
'type': 'Cyberattack'}