This work exposes a critical privacy vulnerability in a class of private information retrieval (PIR) schemes based on linear codes over finite rings. Challenging the foundational security assumption underlying these constructions, we present a polynomial-time attack that exploits the fact that random linear codes over finite rings are almost surely free modules. By analyzing variations in the dimension of the row space of the query matrix, our method efficiently infers the index of the file requested by the user. The attack recovers the target index with high probability in polynomial time, thereby demonstrating—both theoretically and empirically—that such PIR schemes fundamentally fail to preserve user privacy. This finding carries significant implications for the design of algebraically structured PIR protocols, serving as a cautionary note against uncritical reliance on ring-based coding assumptions.

In this paper we present an attack on a recently proposed code-based Private Information Retrieval (PIR) scheme. Indeed, the server can retrieve the index of the desired file with high probability in polynomial time. The attack relies on the fact that random codes over finite rings are free with high probability and that the dimension of the rowspan of the query matrix decreases when the rows corresponding to the desired index are removed.