โผ๏ธ๐บ๐ธ Stansberry Research allegedly breached: 1.17M customer records exposed from investment research subscriber database
A threat actor claims to have leaked a database linked to Stansberry Research, a U.S.-based financial publishing and investment research company. The actor alleges the exposed dataset contains approximately 1,179,000 lines of customer and subscriber records, including contact information, account-related fields, and platform metadata.
โธ Actor: STOMP2
โธ Sector: Financial Publishing / Investment Research
โธ Type: Database Leak
โธ Records: 1,179,000 lines
โธ Country: United States
โธ Date: 16/05/2026
Compromised data:
โช๏ธ Customer and subscriber records allegedly linked to Stansberry Research
โช๏ธ Email address fields and contact information
โช๏ธ Names and profile-related identifiers
โช๏ธ Phone number fields where available
โช๏ธ Address records including city, state, country, and postal code fields
โช๏ธ Account and platform metadata including user IDs, creation dates, and related service identifiers
โช๏ธ Deposit or subscription-related metadata referenced in sample records
Stop guessing what's redacted. Subscribers see everything โ darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
A threat actor claims to have leaked a database linked to Stansberry Research, a U.S.-based financial publishing and investment research company. The actor alleges the exposed dataset contains approximately 1,179,000 lines of customer and subscriber records, including contact information, account-related fields, and platform metadata.
โธ Actor: STOMP2
โธ Sector: Financial Publishing / Investment Research
โธ Type: Database Leak
โธ Records: 1,179,000 lines
โธ Country: United States
โธ Date: 16/05/2026
Compromised data:
โช๏ธ Customer and subscriber records allegedly linked to Stansberry Research
โช๏ธ Email address fields and contact information
โช๏ธ Names and profile-related identifiers
โช๏ธ Phone number fields where available
โช๏ธ Address records including city, state, country, and postal code fields
โช๏ธ Account and platform metadata including user IDs, creation dates, and related service identifiers
โช๏ธ Deposit or subscription-related metadata referenced in sample records
Stop guessing what's redacted. Subscribers see everything โ darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
๐จ๐ต๐ฐ University of Agriculture Pakistan staff database allegedly leaked
A threat actor claims to have leaked a staff database tied to the University of Agriculture Pakistan, with a second part allegedly planned to include student information in the same format.
โโโโโโโโโโโโโโโโโโโโ
Target: University of Agriculture Pakistan
Sector: Education / Higher Education
Incident: Database Leak
Exposure: Staff database records
Actor: FlipperOne
Country: Pakistan
Date: 16/05/2026
โโโโโโโโโโโโโโโโโโโโ
Whatโs allegedly included:
โช๏ธ Staff identity and profile fields
โช๏ธ Names, gender, and address-related data
โช๏ธ Phone, mobile, and fax number fields
โช๏ธ Primary and secondary email addresses
โช๏ธ Qualification, specialization, and designation details
โช๏ธ Administrative and research role information
โช๏ธ Job status, department, and faculty identifiers
โช๏ธ Social/profile links, profile photos, resumes, and related staff records
Potential impact:
The exposed data could be used for phishing, impersonation, credential-targeting, and social engineering against university staff and departments.
Stop guessing what's redacted. Subscribers see everything โ darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
A threat actor claims to have leaked a staff database tied to the University of Agriculture Pakistan, with a second part allegedly planned to include student information in the same format.
โโโโโโโโโโโโโโโโโโโโ
Target: University of Agriculture Pakistan
Sector: Education / Higher Education
Incident: Database Leak
Exposure: Staff database records
Actor: FlipperOne
Country: Pakistan
Date: 16/05/2026
โโโโโโโโโโโโโโโโโโโโ
Whatโs allegedly included:
โช๏ธ Staff identity and profile fields
โช๏ธ Names, gender, and address-related data
โช๏ธ Phone, mobile, and fax number fields
โช๏ธ Primary and secondary email addresses
โช๏ธ Qualification, specialization, and designation details
โช๏ธ Administrative and research role information
โช๏ธ Job status, department, and faculty identifiers
โช๏ธ Social/profile links, profile photos, resumes, and related staff records
Potential impact:
The exposed data could be used for phishing, impersonation, credential-targeting, and social engineering against university staff and departments.
Stop guessing what's redacted. Subscribers see everything โ darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
๐จ๐บ๐ธ IRS tax payment scam page advertised on underground forum
A threat actor is advertising an IRS-themed tax payment scam page, claiming it can collect personal and payment information from victims through a fraudulent form.
โโโโโโโโโโโโโโโโโโโโ
Target Theme: IRS Tax Payment
Sector: Government Impersonation / Financial Fraud
Incident: Scam Kit Advertisement
Exposure: Personal and payment data collection
Actor: tgov02
Country: United States
Date: 16/05/2026
โโโโโโโโโโโโโโโโโโโโ
Whatโs allegedly collected:
โช๏ธ Full names and residential address details
โช๏ธ City, state, and ZIP code fields
โช๏ธ Phone numbers and email addresses
โช๏ธ Date of birth fields
โช๏ธ Social Security number fields
โช๏ธ Cardholder and payment card details
โช๏ธ Expiration date and security code fields
Potential impact:
The scam page could be used for identity theft, payment card fraud, tax-related impersonation, and financial phishing against U.S. victims.
Status:
Underground forum advertisement. The actor posted a sample attachment showing an IRS-themed payment assistant page and requested direct contact from interested buyers.
Stop guessing what's redacted. Subscribers see everything โ darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
A threat actor is advertising an IRS-themed tax payment scam page, claiming it can collect personal and payment information from victims through a fraudulent form.
โโโโโโโโโโโโโโโโโโโโ
Target Theme: IRS Tax Payment
Sector: Government Impersonation / Financial Fraud
Incident: Scam Kit Advertisement
Exposure: Personal and payment data collection
Actor: tgov02
Country: United States
Date: 16/05/2026
โโโโโโโโโโโโโโโโโโโโ
Whatโs allegedly collected:
โช๏ธ Full names and residential address details
โช๏ธ City, state, and ZIP code fields
โช๏ธ Phone numbers and email addresses
โช๏ธ Date of birth fields
โช๏ธ Social Security number fields
โช๏ธ Cardholder and payment card details
โช๏ธ Expiration date and security code fields
Potential impact:
The scam page could be used for identity theft, payment card fraud, tax-related impersonation, and financial phishing against U.S. victims.
Status:
Underground forum advertisement. The actor posted a sample attachment showing an IRS-themed payment assistant page and requested direct contact from interested buyers.
Stop guessing what's redacted. Subscribers see everything โ darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
๐จ๐ซ๐ท Belambra allegedly breached: 402K reservation and customer records exposed from French holiday club database
A threat actor claims to have leaked a database tied to Belambra, a French holiday clubs and hotels network specializing in vacation stays for families, couples, and groups.
โโโโโโโโโโโโโโโโโโโโ
Target: Belambra
Sector: Hospitality / Travel / Holiday Clubs
Incident: Database Leak
Exposure: 402K records
Actor: ChimeraZ
Country: France
Date: 16/05/2026
โโโโโโโโโโโโโโโโโโโโ
Whatโs allegedly included:
โช๏ธ Reservation records linked to Belambra holiday bookings
โช๏ธ Guest names and contact email fields
โช๏ธ Booking references and reservation IDs
โช๏ธ Site and destination information
โช๏ธ Arrival and departure dates
โช๏ธ Adult and children count fields
โช๏ธ User account and client profile metadata
โช๏ธ Restaurant booking and special-count fields
Potential impact:
The exposed data could be used for targeted phishing, booking impersonation, travel fraud, customer scams, and social engineering against Belambra guests and account holders.
Status:
Unverified underground forum claim. The actor posted structured JSON samples and claims the archive includes reservation, client, and children-related datasets.
Stop guessing what's redacted. Subscribers see everything โ darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
A threat actor claims to have leaked a database tied to Belambra, a French holiday clubs and hotels network specializing in vacation stays for families, couples, and groups.
โโโโโโโโโโโโโโโโโโโโ
Target: Belambra
Sector: Hospitality / Travel / Holiday Clubs
Incident: Database Leak
Exposure: 402K records
Actor: ChimeraZ
Country: France
Date: 16/05/2026
โโโโโโโโโโโโโโโโโโโโ
Whatโs allegedly included:
โช๏ธ Reservation records linked to Belambra holiday bookings
โช๏ธ Guest names and contact email fields
โช๏ธ Booking references and reservation IDs
โช๏ธ Site and destination information
โช๏ธ Arrival and departure dates
โช๏ธ Adult and children count fields
โช๏ธ User account and client profile metadata
โช๏ธ Restaurant booking and special-count fields
Potential impact:
The exposed data could be used for targeted phishing, booking impersonation, travel fraud, customer scams, and social engineering against Belambra guests and account holders.
Status:
Unverified underground forum claim. The actor posted structured JSON samples and claims the archive includes reservation, client, and children-related datasets.
Stop guessing what's redacted. Subscribers see everything โ darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
I will be adding a "Chatter" category just above where the pagination bar is with the other categories in a couple of hours on the threat feed. Be sure to update your notifications after it starts providing posts if you don't want to see/hear the noise.
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
Telegram
๐ช Slice For Life - Part 2 ๐ช
Backup: t.me/SliceForLifeeee
Website: darkwebinformer.com
Website Pricing (Includes Crypto): darkwebinformer.com/pricing
Socials: darkwebinformer.com/socials
API Access: https://darkwebinformer.com/api-details
Donate: darkwebinformer.com/donations
Website: darkwebinformer.com
Website Pricing (Includes Crypto): darkwebinformer.com/pricing
Socials: darkwebinformer.com/socials
API Access: https://darkwebinformer.com/api-details
Donate: darkwebinformer.com/donations
๐จ๐ฎ๐ฉ LSP Telematika allegedly breached: 14GB+ certification database exposed from Indonesian IT professional records
A threat actor claims to be selling a database tied to LSP Telematika, an Indonesian professional certification body for information technology. The actor alleges the exposed dataset contains tens of thousands of records involving assessors and assessees, along with private conversations, decree documents, and company files.
โโโโโโโโโโโโโโโโโโโโ
Target: LSP Telematika
Sector: Professional Certification / Information Technology
Incident: Database Leak
Exposure: 14GB+
Actor: Kyyzo
Country: Indonesia
Date: 16/05/2026
โโโโโโโโโโโโโโโโโโโโ
Whatโs allegedly included:
โช๏ธ Assessee records from certification database tables
โช๏ธ Assessor personal data and profile information
โช๏ธ Registration numbers and certification-related identifiers
โช๏ธ Names, birthplaces, birth dates, ages, and email fields
โช๏ธ Phone numbers, identity number fields, and address-related data
โช๏ธ Private conversations and decree-related documents
โช๏ธ Personal company document files linked to certification activity
Potential impact:
The exposed data could be used for identity theft, phishing, credential targeting, impersonation, and social engineering against Indonesian IT certification participants and assessors.
Status:
Unverified underground forum claim. The actor posted database samples and described the release as part of an extortion-driven follow-up leak.
Stop guessing what's redacted. Subscribers see everything โ darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
A threat actor claims to be selling a database tied to LSP Telematika, an Indonesian professional certification body for information technology. The actor alleges the exposed dataset contains tens of thousands of records involving assessors and assessees, along with private conversations, decree documents, and company files.
โโโโโโโโโโโโโโโโโโโโ
Target: LSP Telematika
Sector: Professional Certification / Information Technology
Incident: Database Leak
Exposure: 14GB+
Actor: Kyyzo
Country: Indonesia
Date: 16/05/2026
โโโโโโโโโโโโโโโโโโโโ
Whatโs allegedly included:
โช๏ธ Assessee records from certification database tables
โช๏ธ Assessor personal data and profile information
โช๏ธ Registration numbers and certification-related identifiers
โช๏ธ Names, birthplaces, birth dates, ages, and email fields
โช๏ธ Phone numbers, identity number fields, and address-related data
โช๏ธ Private conversations and decree-related documents
โช๏ธ Personal company document files linked to certification activity
Potential impact:
The exposed data could be used for identity theft, phishing, credential targeting, impersonation, and social engineering against Indonesian IT certification participants and assessors.
Status:
Unverified underground forum claim. The actor posted database samples and described the release as part of an extortion-driven follow-up leak.
Stop guessing what's redacted. Subscribers see everything โ darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
๐จGoblin Refund Service advertised: Amazon and Apple refund fraud service promoted on underground forum
A threat actor is advertising โGoblin Refund Service,โ a refund fraud operation claiming to support Amazon and Apple refund requests through a Telegram-based service.
โโโโโโโโโโโโโโโโโโโโ
Service: Goblin Refund Service
Sector: Retail Fraud / Refund Abuse
Incident: Fraud Service Advertisement
Exposure: Refund scam operation
Actor: Gr33nGoblin
Country: Unknown / Global
Date: 16/05/2026
โโโโโโโโโโโโโโโโโโโโ
Whatโs being advertised:
โช๏ธ Amazon and Apple refund fraud services
โช๏ธ Claimed support for customers across Europe and America
โช๏ธ Telegram-based ordering and communication
โช๏ธ Flexible terms and support channels
โช๏ธ A step-by-step service flow involving order placement, refund processing, and fee payment
โช๏ธ Cryptocurrency payment options shown in the promotional material
Potential impact:
Refund fraud services can cause financial losses for retailers, abuse customer service workflows, and enable organized e-commerce fraud across major platforms.
Status:
Underground forum advertisement. The actor posted branded promotional graphics and directs interested users to an external messaging channel.
Stop guessing what's redacted. Subscribers see everything โ darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
A threat actor is advertising โGoblin Refund Service,โ a refund fraud operation claiming to support Amazon and Apple refund requests through a Telegram-based service.
โโโโโโโโโโโโโโโโโโโโ
Service: Goblin Refund Service
Sector: Retail Fraud / Refund Abuse
Incident: Fraud Service Advertisement
Exposure: Refund scam operation
Actor: Gr33nGoblin
Country: Unknown / Global
Date: 16/05/2026
โโโโโโโโโโโโโโโโโโโโ
Whatโs being advertised:
โช๏ธ Amazon and Apple refund fraud services
โช๏ธ Claimed support for customers across Europe and America
โช๏ธ Telegram-based ordering and communication
โช๏ธ Flexible terms and support channels
โช๏ธ A step-by-step service flow involving order placement, refund processing, and fee payment
โช๏ธ Cryptocurrency payment options shown in the promotional material
Potential impact:
Refund fraud services can cause financial losses for retailers, abuse customer service workflows, and enable organized e-commerce fraud across major platforms.
Status:
Underground forum advertisement. The actor posted branded promotional graphics and directs interested users to an external messaging channel.
Stop guessing what's redacted. Subscribers see everything โ darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
๐จ๐ซ๐ท Norauto allegedly breached: 522MB customer database exposed from French automotive service records
A threat actor claims to have leaked a database tied to Norauto, a European automotive service and equipment company specializing in car maintenance, repairs, tire fitting, auto parts, and accessories.
โโโโโโโโโโโโโโโโโโโโ
Target: Norauto
Sector: Automotive Services / Retail / Customer Data
Incident: Database Leak
Exposure: 522MB
Actor: shitanus
Country: France
Date: 16/05/2026
โโโโโโโโโโโโโโโโโโโโ
Whatโs allegedly included:
โช๏ธ Customer database records allegedly linked to Norauto
โช๏ธ Customer names and profile identifiers
โช๏ธ Email addresses and phone number fields
โช๏ธ Address records including city, country, and postal code fields
โช๏ธ Customer ID and account-related metadata
โช๏ธ Antifraud scoring and validation status fields
โช๏ธ Custom customer fields referencing loyalty and identity-related labels
โช๏ธ Rental or store-related account activity metadata
Potential impact:
The exposed data could be used for phishing, customer impersonation, loyalty fraud, targeted scams, and social engineering against Norauto customers.
Status:
Unverified underground forum claim. The actor posted structured JSON samples and claims the download is locked behind paid forum access.
Stop guessing what's redacted. Subscribers see everything โ darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
A threat actor claims to have leaked a database tied to Norauto, a European automotive service and equipment company specializing in car maintenance, repairs, tire fitting, auto parts, and accessories.
โโโโโโโโโโโโโโโโโโโโ
Target: Norauto
Sector: Automotive Services / Retail / Customer Data
Incident: Database Leak
Exposure: 522MB
Actor: shitanus
Country: France
Date: 16/05/2026
โโโโโโโโโโโโโโโโโโโโ
Whatโs allegedly included:
โช๏ธ Customer database records allegedly linked to Norauto
โช๏ธ Customer names and profile identifiers
โช๏ธ Email addresses and phone number fields
โช๏ธ Address records including city, country, and postal code fields
โช๏ธ Customer ID and account-related metadata
โช๏ธ Antifraud scoring and validation status fields
โช๏ธ Custom customer fields referencing loyalty and identity-related labels
โช๏ธ Rental or store-related account activity metadata
Potential impact:
The exposed data could be used for phishing, customer impersonation, loyalty fraud, targeted scams, and social engineering against Norauto customers.
Status:
Unverified underground forum claim. The actor posted structured JSON samples and claims the download is locked behind paid forum access.
Stop guessing what's redacted. Subscribers see everything โ darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
๐จ๐ฐ๐ช Land Surveyors Board of Kenya allegedly breached: licensed surveyor and assistant records exposed from government regulatory database
A threat actor claims to have breached the Land Surveyors Board of Kenya, the official Kenyan government regulatory body responsible for licensing land surveyors across the Republic of Kenya.
โโโโโโโโโโโโโโโโโโโโ
Target: Land Surveyors Board of Kenya
Sector: Government / Professional Licensing / Land Surveying
Incident: Data Breach
Exposure: 175 licensed surveyors and 730 approved survey assistants
Actor: cc5ab
Country: Kenya
Date: 16/05/2026
โโโโโโโโโโโโโโโโโโโโ
Whatโs allegedly included:
โช๏ธ Licensed surveyor records for the 2026 licensing year
โช๏ธ Full names and professional licensing status fields
โช๏ธ Personal email and postal address fields
โช๏ธ Firm or company names linked to licensed surveyors
โช๏ธ License numbers and active/inactive status records
โช๏ธ Approved survey assistant records and registration details
โช๏ธ Verification endpoint data containing additional identity and profile-related fields
Potential impact:
The exposed data could be used for impersonation, targeted phishing, licensing fraud, and social engineering against surveyors, assistants, firms, and regulatory contacts.
Status:
Unverified underground forum claim. The actor posted a summary of exposed data and claims additional API and administrative access details were included.
Stop guessing what's redacted. Subscribers see everything โ darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
A threat actor claims to have breached the Land Surveyors Board of Kenya, the official Kenyan government regulatory body responsible for licensing land surveyors across the Republic of Kenya.
โโโโโโโโโโโโโโโโโโโโ
Target: Land Surveyors Board of Kenya
Sector: Government / Professional Licensing / Land Surveying
Incident: Data Breach
Exposure: 175 licensed surveyors and 730 approved survey assistants
Actor: cc5ab
Country: Kenya
Date: 16/05/2026
โโโโโโโโโโโโโโโโโโโโ
Whatโs allegedly included:
โช๏ธ Licensed surveyor records for the 2026 licensing year
โช๏ธ Full names and professional licensing status fields
โช๏ธ Personal email and postal address fields
โช๏ธ Firm or company names linked to licensed surveyors
โช๏ธ License numbers and active/inactive status records
โช๏ธ Approved survey assistant records and registration details
โช๏ธ Verification endpoint data containing additional identity and profile-related fields
Potential impact:
The exposed data could be used for impersonation, targeted phishing, licensing fraud, and social engineering against surveyors, assistants, firms, and regulatory contacts.
Status:
Unverified underground forum claim. The actor posted a summary of exposed data and claims additional API and administrative access details were included.
Stop guessing what's redacted. Subscribers see everything โ darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
๐ช Slice For Life - Part 2 ๐ช
I will be adding a "Chatter" category just above where the pagination bar is with the other categories in a couple of hours on the threat feed. Be sure to update your notifications after it starts providing posts if you don't want to see/hear the noise. _โฆ
I'm testing this out with Dread. Right now the only issue is loading the CSS properly. Its not a Tor issue. Once it looks solid for 24 hours or so we move on to the next.