How Russia Issues Fake Passports to Its Operatives in Ukraine
On 27 October 2014, a man named Igor Nikoalevich Beregovoy arrived in Simferopol, Crimea, after boarding an Aeroflot flight in Krasnodar earlier that afternoon. Igor Nikolaevich was born on 30 December 1965, from the Crimean city of Simferopol.
However, there is another man named Igor Nikolaevich born on 30 December 1965, and who was born in Simferopol — Igor Nikolaevich Bezler, the infamous separatist commander who controlled the city of Horlivka in the Donetsk oblast in 2014, and who has been credibly accused of a litany of war crimes. On October 27th, the same day that “Beregovoy” arrived in Simferopol, Igor Bezler told the press secretary of his former fighting group in Horlivka that he had left eastern Ukraine and would not return.
Bezler is just one of many Russian operatives who were given fake passports by Russian security services while operating in Ukraine. By using leaked Russian databases, only a few basic biographical details can unmask an operative’s fake identity, as seen with another GRU operative — Oleg Ivannikov (“Andrey Laptev”).
Bezler’s Shoddy Fake Identity
Bezler was issued an internal Russian passport under the name Beregovoy, with all the other personal details (date of birth, first name/patronymic) the same as his real identity. Bezler/Beregovoy used this passport to travel in Russia/Ukraine, as revealed in leaked databases freely available online that show Russian air travel activity in 2014.
The ten-digit number for internal Russian passports are easy to decipher. The first two digits indicate the issuing office for the passport, the next two digits indicate the year that the form was printed, meaning that the passport was likely given in either this year or the following one, and the final six digits are the passport’s serial number. Thus, the “passport neighbors” for “Beregovoy” belong to other people issued their documents in the same batch as him. In a previous Bellingcat investigation, we found that GRU-issued passports to Wagner fighters were in the same “passport neighborhood”, with the final digits being fairly close to one another, as they were all processed together.
The passport of “Beregovoy” (numbered 4513078492) was issued by a Moscow office, as indicated by the 45 at the beginning of his internal passport number. The next two digits — 13 — indicate that the form for the passport was printed in 2013, meaning that the passport was issued in either 2013 or 2014. Lastly, the final six digits — 078492 — refer to the serial number of the passports issued by this Moscow office from 2013-printed forms.
One of the easiest ways to verify a Russian citizen’s real identity is through referencing the taxpayer number (INN), given to all Russian citizens as they reach adulthood. However, when searching for the taxpayer number (INN) for a Russian citizen having these same personal details as Beregovoy, there is no result, indicating that this is likely not a real Russian citizen. Additionally, it’s very unlikely that “Beregovoy” would have a different internal passport, as he was issued this one in 2013/4 and would not need to renew his for quite some time. “Beregovoy” was not listed in any publicly available databases for citizens issued replacement passports due to the document being lost or destroyed.
Today, Igor Bezler continues to live in Crimea, and has indeed not returned to the Donbas since his late 2014 departure. Two weeks ago, Bezler’s wife shared a photograph on her personal VKontakte page showing Bezler (with the moustache, wearing a camo hat) on a boat in Crimea with Sergey “Khmury” Dubinsky (middle, with no hat), one of the four men named as suspects by the Dutch-led Joint Investigation Team (JIT), the official criminal investigation into the downing of MH17. There is currently an international arrest warrant out for Dubinsky.
Issuing a fake passport for an infamous war criminal under his real first name, patronymic, and date of birth may seem sloppy, but the story does not end there. If we are to search for Beregovoy’s passport number in the same 2014 flight database, but having the last two digits as a wildcard operator (allowing for any result for these last two digits), we can find his “passport neighbors” for individuals issued passports at around the same time as him. Running this search, we find a startling discovery: Andrei Laptev, the cover identity of GRU officer Oleg Ivannikov.
This flight information shows that Andrei Ivanovich Laptev, born 6 April 1967, flew from Rostov to Moscow on 23 August 2014. Like with “Beregovoy”, running these details through Russia’s taxpayer database brings about no results. More importantly, we can see his passport number: 4513078464. This passport number differs by only twenty-eight digits from that of Beregovoy (4513078492), indicating that they were issued from the same batch.
Andrei Ivanovich Laptev is not a real person; rather, he is the cover identity of Oleg Vladimirovich Ivannikov, born on 2 April 1967 (four days before the birth of “Laptev”). While operating under the cover identity of Laptev, Ivannikov served as the chairman of the Security Council (2004-2006) and as the Minister of Defense and Emergencies (2006-2008) of the self-proclaimed Republic of South Ossetia. While in eastern Ukraine, Ivannikov/Laptev operated under the code names “Andrei Ivanovich” and “Orion”, and were the subject of a 2016 call for witnesses by the official criminal investigation into the downing of MH17, the Joint Investigation Team (JIT). Ivannikov/Laptev’s distinct high-pitched voice can be heard in his phone calls in the embedded video below.
Easily Exploitable Vulnerability
While Russia is able to change its records for its own internal records and databases, the widespread proliferation of leaked Russian databases serves a continuing threat to the secrecy of Russia’s security service operatives. Russia can modify its internal, active records, but once a database is scraped and leaked online, it is fossilized at the point of leaking — in other words, Russia cannot modify the thousands of offline copies of databases floating around on torrents, leaving any potentially dangerous information out of reach of the state.
The aforementioned travel database is just one of countless leaked databases from Russian records, which also include vehicle ownership records, residential lists, social media details (including from deleted profiles), and far more examples.