‼️🇦🇪 SIVVI allegedly breached exposing approximately 300,000 customer records from the Dubai-based fashion e-commerce platform

A threat actor claims to have breached SIVVI, a Dubai-based fashion e-commerce platform founded in 2014 by Rashid Alabbar and now owned by noon, delivering to customers across the United Arab Emirates, Saudi Arabia, and other Gulf states.

The actor states the dataset provides a detailed view of the organization's operations including user data, addresses, product catalog, orders, and order items, and is structured into interconnected sections suitable for data analysis and structural research.

Sample rows show UAE-based customer accounts including names, Emirati phone numbers, cities such as Dubai, Abu Dhabi, Sharjah, and Ajman, customer segmentation tiers (VIP, Returning, Occasional, Inactive), and lifetime spending values.

Post details:

▸ Actor(s): Databroker1
▸ Sector: Retail / Fashion E-Commerce
▸ Type: Data Breach / Data Sale
▸ Format: SQL/CSV (multi-table structured dataset)
▸ Price: Not disclosed (selling, escrow accepted)
▸ Records: ~300,000 UAE customers
▸ Country: United Arab Emirates
▸ Date: 11/05/2026

Compromised data:

Users Core Table:
▪️ user_id
▪️ email
▪️ phone_number
▪️ status (active/inactive)
▪️ created_at
▪️ last_login
▪️ account_type

Customer Profile:
▪️ user_id
▪️ full_name
▪️ gender
▪️ age_group
▪️ country
▪️ city
▪️ customer_segment (VIP, Returning, Occasional, Inactive)
▪️ lifetime_value
▪️ average_order_value (aov)
▪️ last_order_date

Behavior Tracking (Events):
▪️ event_id
▪️ user_id
▪️ event_type
▪️ product_id
▪️ event_value
▪️ timestamp

Segmentation Table:
▪️ user_id
▪️ segment
▪️ reason
▪️ updated_at

Engagement Metrics:
▪️ user_id
▪️ total_sessions
▪️ avg_session_time_minutes
▪️ cart_abandon_rate
▪️ email_open_rate
▪️ push_notification_opt_in

Loyalty Integration:
▪️ user_id
▪️ loyalty_points
▪️ tier
▪️ points_earned
▪️ points_redeemed
▪️ last_updated

Marketing Campaigns:
▪️ campaign_id
▪️ campaign_name
▪️ target_segment
▪️ channel
▪️ start_date
▪️ end_date
▪️ status

Campaign Results:
▪️ campaign_id
▪️ sent_users
▪️ open_rate
▪️ click_rate
▪️ conversion_rate
▪️ revenue_generated

Stop guessing what's redacted. Subscribers see everything → darkwebinformer.com/pricing
________________________________________

Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations

‼️🇮🇩 BPJS Ketenagakerjaan Kota Metro allegedly leaked exposing personal data of RT, RW, and LPM neighborhood officials in Karangrejo, North Metro, Indonesia

A threat actor claims to have leaked a dataset of BPJS Ketenagakerjaan (Indonesian Workers' Social Security Agency) participants for the Karangrejo sub-district under Kecamatan Metro Utara (North Metro District) in Kota Metro, Lampung, Indonesia.

The leaked records cover RT (Rukun Tetangga), RW (Rukun Warga), and LPM (Lembaga Pemberdayaan Masyarakat) neighborhood and community board officials. The dataset is published as a PDF containing identity records, government-issued identifiers, and contact details, with sample entries showing officials' full names, positions (Ketua RW and Ketua RT), birthplaces, and national identity numbers dating back to assignments under the local government portal of Pemerintah Kota Metro.

Post details:

▸ Actor(s): [Citizen] JAX7
▸ Sector: Government / Social Security / Local Administration
▸ Type: Data Leak
▸ Format: PDF
▸ Price: Free
▸ Records: Karangrejo sub-district RT, RW, and LPM officials
▸ Country: Indonesia
▸ Date: 11/05/2026

Compromised data:

▪️ Full name (Nama Lengkap)
▪️ Position (Jabatan, e.g., Ketua RW, Ketua RT)
▪️ Place of birth (Tempat Lahir)
▪️ Date of birth (Tgl. Lahir)
▪️ KTP number (Nomor KTP, Indonesian national identity card)
▪️ KK number (Nomor KK, family card number)
▪️ Phone number (No HP)
▪️ Email address
▪️ Sub-district and assignment area (Kecamatan, Kelurahan)
▪️ BPJS contact person details (Nama Kontak Person, No HP Kontak Person, Email)

Stop guessing what's redacted. Subscribers see everything → darkwebinformer.com/pricing
________________________________________

Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations

PGP Signed message and the repos now have information:

https://deadeclipse666.blogspot.com/2026/05/two-more-public-disclosures-it-will.html
________________________________________

Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations

Note: This a repost from the leak by threat actor "breach3d." This actor is asking for a $20,000 ransom. It is not verified if anything in this leak differs from the previous leak in April.

‼️🇫🇷 Agence Nationale des Titres Sécurisés allegedly breached exposing 13 million records from the French national secure documents agency under "Pay Or Leak" ransom

A threat actor claims to have obtained 13 million records from the Agence Nationale des Titres Sécurisés (ANTS), the French government agency that allows citizens to complete online procedures for identity cards, passports, driving licences, and vehicle registration certificates.

The actor has issued a "Pay Or Leak" ultimatum, demanding a ransom of $20,000 (described as negotiable) by May 18, 2026, and threatening to release all of the data to everyone for free if the deadline is not met.

The actor frames the operation as a continuation of recent activity (referencing an earlier release tied to Iran's nuclear program) and presents it as retaliation against efforts to arrest an associate, posting under the tags #PwnerSec, #NormalLeVrai, and #freebreachd.

Post details:

▸ Actor(s): NormalLeVrai
▸ Sector: Government / Civil Documents
▸ Type: Ransom / Pre-Leak Extortion
▸ Format: Not specified
▸ Price: $20,000 (negotiable, ransom) / Free if unpaid by deadline
▸ Records: 13,000,000
▸ Country: France
▸ Deadline: 18/05/2026
▸ Date: 11/05/2026

Compromised data:

▪️ Approximately 13 million records from the Agence Nationale des Titres Sécurisés online procedures platform
▪️ Data tied to identity card applications
▪️ Data tied to passport applications
▪️ Data tied to driving licence applications
▪️ Data tied to vehicle registration certificate applications
▪️ Sample data shared in the post (redacted in screenshots) and an additional pastebin link with further samples
▪️ Specific field structure not disclosed publicly in the post

Stop guessing what's redacted. Subscribers see everything → darkwebinformer.com/pricing
________________________________________

Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations

‼️🇬🇧 AIM Smarter allegedly breached exposing 6,500+ business records from the UK promotional products and marketing distribution group

A threat actor claims that on or about May 11th 2026, AIM Smarter, a UK-based marketing distribution and promotional products group, suffered a data breach resulting in the exposure of approximately 6,500+ rows of data containing comprehensive business and financial information, along with internal login credentials.

The actor states the affected dataset includes information tied to financial institutions such as Bank of Scotland, HBOS, and Halifax, as well as energy companies, insurance providers, media firms, and various service organizations across the UK and international locations.

Post details:

▸ Actor(s): Shinigami
▸ Sector: Marketing / Promotional Products / B2B Services
▸ Type: Data Breach
▸ Format: Structured relational database / SQL tables
▸ Price: Free
▸ Records: 6,500+
▸ Country: United Kingdom
▸ Date: 11/05/2026

Compromised data:

Identity Information:
▪️ Customer names
▪️ Company names
▪️ Short codes
▪️ Unique reference numbers

Contact Details:
▪️ Trading addresses (multiple address fields)
▪️ Postal codes
▪️ Phone numbers
▪️ Fax numbers
▪️ Email addresses
▪️ Website URLs

Financial Records:
▪️ Credit limits
▪️ Credit review dates
▪️ Invoice age limits
▪️ Payment methods
▪️ VAT registration numbers

Business Classification:
▪️ Industry types
▪️ SIC codes
▪️ Company registration numbers
▪️ DUNS numbers
▪️ Employee counts

Operational Data:
▪️ Date opened
▪️ Date amended
▪️ Payment methods
▪️ Currency codes
▪️ Promotional budgets

System / Technical Data:
▪️ Record IDs
▪️ Legacy system codes
▪️ Division codes
▪️ Source codes

Internal Logins:
▪️ Employee emails
▪️ Employee names
▪️ MD5 password hashes

Stop guessing what's redacted. Subscribers see everything → darkwebinformer.com/pricing
________________________________________

Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations