Thomas Rid
Author of ACTIVE MEASURES, RISE OF THE MACHINES, CYBER WAR WILL NOT TAKE PLACE, "Attributing Cyber Attacks," more. Johns Hopkins, Alperovitch Institute.

Mar 1, 2022, 13 tweets

Just wow wow wow. The Ukrainian newspaper Pravda leaked what appear to be personal data of 120,000 Russian soldiers fighting in Ukraine — if confirmed as accurate, we're probably looking at one of the best-timed and most devastating leaks of all time pravda.com.ua/news/2022/03/1…

6,616 pages of names, registration numbers, and places of service of Russian personnel — *just for volume comparison*, and nothing else: that's more pages than were ever published out of the Snowden cache.

Ukrayinska Pravda is a serious outlet, claiming to have a "reliable source." Intel penetrations of Russian gov and mil targets appear to be off the charts. GRU and others have a long history of catastrophic OPSEC. Still, I would want to see some independent confirmation here.

Important to note that there's a long history of leaking lists of names of covert personnel (see chapter "The Book War," in my ACTIVE MEASURES). We have examples of lists that are entirely legit, and some that were at least in part forged, for practical and psychological effect.

What's the practical effect? We know from history that a leak of personnel names has a powerful psychological effect on the organization in question. It creates an acute sense of vulnerability, in a very personal way, for those in charge, and for those exposed.

A leak of this kind also creates an immediate, hard dilemma for leadership: do you tell your own people that they have been doxed, so they won't learn about it from social media, press, or families, and embarrass yourself now—or do you not tell them, and embarrass yourself later.

Of course there's also sweet historical irony in this leak (either way, if it's legit or forged): this is an old Soviet active measures tactic now used against an army under the command of an ex-KGB officer who surely is familiar with this method.

Important note of caution here from my old colleague Ian. Any successful hits in cross-referencing so far?

Another note on verification: if history is any guide, then neither a few cross-referencing hits nor a few cross-referencing misses will allow a high-confidence assessment on the leak's veracity. The Russian army will either deny or glomar. Be prepared for long-term ambiguity.

Important note: this leak also exists in a file format that offers significantly more detail—and exif data. Some of the exif data show create/modify dates from April and June 2021, one file dates back to 2006.

Alternative hypothesis: we're looking at older, generic (and probably genuine) Russian army lists not directly linked to the invasion.

Worth noting that the leak appears to contain names, DOBs, addresses, unit affiliation, passport numbers, and phone numbers for thousands of alleged Russian military personnel. Verification more likely given this granular information.

Again: lists may not be linked to invasion.

Fresh and fascinating analysis of the Ukrainska Pravda leak, based on Field Post Numbers counts
