Saltar al contenido
Global football coverage: leagues, tournaments, fixtures, tables, transfer context and match guides.
News

Password Manager Passwork Accused of Concealing Russian Security Service Ties

An investigation by the OCCRP reveals that the European-based password manager Passwork, used by government agencies and universities, has undisclosed origins and potential links to Russian intelligence services.

News Published 17 July 2026 3 min read FootballGames10 Desk
A visual representation of a secure password manager interface or a padlock symbol.
Featured image from the source article

A password manager used by various European government agencies and universities is facing scrutiny over its origins and alleged concealment of ties to Russian security services. An investigation by the journalist collective OCCRP, in collaboration with outlets like Investico, NU.nl, De Groene Amsterdammer, Le Monde, and De Tijd, suggests that Passwork, despite its European base in Spain, originated in Russia.

The researchers claim Passwork has obscured its Russian roots and connections to Russian security services. The company’s website emphasizes its European identity, stating it was founded in Finland in 2017 and recently relocated to Spain. However, the investigation indicates that Passwork was actually developed in Russia in 2014 and continues to be offered and utilized by major Russian state-owned enterprises such as Gazprom and Transneft. A Finnish branch was established several years after its founding but was reportedly dissolved following Russia’s invasion of Ukraine.

Key facts

Fact Detail
Company Passwork
Allegation Concealed Russian origins and ties to security services
Investigating bodies OCCRP, Investico, NU.nl, De Groene Amsterdammer, Le Monde, De Tijd
Reported usage European government agencies, universities, Gazprom, Transneft, RTV Noord, Lucrasoft, French port company, Irish government agencies
Action by Novar Immediately discontinued use of Passwork after being notified by investigators

Strategic European Presence

According to the investigation, the Finnish branch was deliberately created to attract Western clients. A post from the software company on a tech forum in 2017 reportedly stated, “We recently realized that people, no matter how you look at it, don’t really trust Russian products. To promote Passwork in the West, we need an official company in a ‘normal’ country.”

While the journalists found no direct evidence of Passwork exfiltrating passwords or leaking information, they highlighted that companies operating under Russian law are obligated to comply with requests from Russian security and intelligence services.

Expert Concerns

Experts have voiced concerns that the Kremlin could gain “far-reaching insight” into software and system vulnerabilities through companies using the Passwork password vault. This is particularly worrying given its use by entities like Novar, one of the largest builders and managers of solar parks in the Netherlands, which could represent an attractive target for Russia.

The password manager is also reportedly used by RTV Noord, Dutch IT company Lucrasoft, a French port company, and various Irish government entities. Novar, upon being informed by the journalists, has reportedly ceased using the password vault immediately.

Divergent Views

Not all entities using Passwork appear convinced of the potential threat. RTV Noord reportedly informed Investico that they are confident Passwork is a European company and intend to continue using the software. Others have refrained from comment or indicated they would initiate their own investigations.

Passwork’s Response

Alexander Muntyan, director of Passwork, stated that the company obtained a license to sell the software in Europe through a company based in the UAE, run by Russian founders. He asserts that the company utilizes servers in Germany and that no servers, customer data, or other systems are shared with the company in Russia. However, experts caution that the location of the central server in Europe does not prevent potential access or login from Moscow.

The implications of this investigation raise significant questions about data security and the potential for state-sponsored espionage, particularly for organizations handling sensitive information.

Source: NOS Voetbal, https://nos.nl/l/2623323

Source

NOS Voetbal Original publication: 2026-07-17T09:16:02+00:00