π¨πΏπ¦ Gauteng Provincial Government allegedly breached: 3.8TB government portal dump advertised for sale
A threat actor claims to be selling a large data dump tied to the Gauteng Provincial Government, the provincial government authority for Gauteng, South Africa.
ββββββββββββββββββββ
Target: Gauteng Provincial Government
Sector: Government / Public Services
Incident: Data Breach / Data Sale
Exposure: 3.8TB across 3,673,556 files
Actor: Kazu
Country: South Africa
Price: $25,000
Date: 16/05/2026
ββββββββββββββββββββ
Whatβs allegedly included:
βͺοΈ Large-scale government portal data allegedly linked to Gauteng Provincial Government systems
βͺοΈ Public service and departmental records
βͺοΈ Government program and administrative files
βͺοΈ Healthcare, education, housing, and economic development-related data
βͺοΈ Multi-terabyte archive containing millions of files
Potential impact:
The exposed data could create privacy, operational, and public-sector security risks for residents, businesses, government departments, and service users across Gauteng.
Status:
Unverified underground forum sale listing. The actor claims the dump totals approximately 3.8TB and is being offered for sale with samples available through external channels.
Stop guessing what's redacted. Subscribers see everything β darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
A threat actor claims to be selling a large data dump tied to the Gauteng Provincial Government, the provincial government authority for Gauteng, South Africa.
ββββββββββββββββββββ
Target: Gauteng Provincial Government
Sector: Government / Public Services
Incident: Data Breach / Data Sale
Exposure: 3.8TB across 3,673,556 files
Actor: Kazu
Country: South Africa
Price: $25,000
Date: 16/05/2026
ββββββββββββββββββββ
Whatβs allegedly included:
βͺοΈ Large-scale government portal data allegedly linked to Gauteng Provincial Government systems
βͺοΈ Public service and departmental records
βͺοΈ Government program and administrative files
βͺοΈ Healthcare, education, housing, and economic development-related data
βͺοΈ Multi-terabyte archive containing millions of files
Potential impact:
The exposed data could create privacy, operational, and public-sector security risks for residents, businesses, government departments, and service users across Gauteng.
Status:
Unverified underground forum sale listing. The actor claims the dump totals approximately 3.8TB and is being offered for sale with samples available through external channels.
Stop guessing what's redacted. Subscribers see everything β darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
π¨πͺπΈ Health Time allegedly breached: 2.25M user records advertised for sale from Spanish medical diagnostics provider
A threat actor claims to be selling a database tied to Health Time / HT MΓ©dica, a Spanish medical imaging and diagnostic services provider operating diagnostic centers across Spain.
ββββββββββββββββββββ
Target: Health Time / HT MΓ©dica
Sector: Healthcare / Medical Diagnostics / Radiology
Incident: Data Breach / Data Sale
Exposure: 2,253,981 user records
Actor: Kazu
Country: Spain
Price: $4,000
Date: 16/05/2026
ββββββββββββββββββββ
Whatβs allegedly included:
βͺοΈ User records allegedly linked to Health Time / HT MΓ©dica
βͺοΈ Patient or customer profile data
βͺοΈ Healthcare service-related account records
βͺοΈ Diagnostic center and medical service metadata
βͺοΈ Internal platform or portal-related records
βͺοΈ Sample previews allegedly shared through external channels
Potential impact:
The exposed data could create serious privacy, compliance, phishing, impersonation, and healthcare fraud risks for patients, customers, and medical service users.
Status:
Unverified underground forum sale listing. The actor claims the dataset contains 2,253,981 user records and is being offered for $4,000 with samples available through external channels.
Stop guessing what's redacted. Subscribers see everything β darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
A threat actor claims to be selling a database tied to Health Time / HT MΓ©dica, a Spanish medical imaging and diagnostic services provider operating diagnostic centers across Spain.
ββββββββββββββββββββ
Target: Health Time / HT MΓ©dica
Sector: Healthcare / Medical Diagnostics / Radiology
Incident: Data Breach / Data Sale
Exposure: 2,253,981 user records
Actor: Kazu
Country: Spain
Price: $4,000
Date: 16/05/2026
ββββββββββββββββββββ
Whatβs allegedly included:
βͺοΈ User records allegedly linked to Health Time / HT MΓ©dica
βͺοΈ Patient or customer profile data
βͺοΈ Healthcare service-related account records
βͺοΈ Diagnostic center and medical service metadata
βͺοΈ Internal platform or portal-related records
βͺοΈ Sample previews allegedly shared through external channels
Potential impact:
The exposed data could create serious privacy, compliance, phishing, impersonation, and healthcare fraud risks for patients, customers, and medical service users.
Status:
Unverified underground forum sale listing. The actor claims the dataset contains 2,253,981 user records and is being offered for $4,000 with samples available through external channels.
Stop guessing what's redacted. Subscribers see everything β darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
π¨πͺπΈ Matferline allegedly breached: 703K Spanish driving school student records advertised for sale
A threat actor claims to be selling a database tied to Matferline, a Spanish cloud-based driving school management platform.
ββββββββββββββββββββ
Target: Matferline
Sector: Education / Driving School Software
Incident: Database Leak / Data Sale
Exposure: 703,450 records
Actor: macaroni
Country: Spain
Price: $35,000 full DB exclusive
Date: 17/05/2026
ββββββββββββββββββββ
Whatβs allegedly included:
βͺοΈ Student records allegedly linked to Matferline driving school systems
βͺοΈ DNI identity number fields
βͺοΈ Names and email addresses
βͺοΈ Phone number fields
βͺοΈ Usernames and account status data
βͺοΈ Plaintext password fields referenced by the actor
βͺοΈ Registration dates and profile photo references
βͺοΈ Validated and deduplicated record subsets
Potential impact:
The exposed data could be used for identity theft, phishing, credential stuffing, student impersonation, and targeted scams against Spanish driving school students and operators.
Status:
Unverified underground forum sale listing. The actor claims the dataset was obtained through SQL injection and contains 703,450 total records, including 614,517 clean, deduplicated, and validated entries.
Stop guessing what's redacted. Subscribers see everything β darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
A threat actor claims to be selling a database tied to Matferline, a Spanish cloud-based driving school management platform.
ββββββββββββββββββββ
Target: Matferline
Sector: Education / Driving School Software
Incident: Database Leak / Data Sale
Exposure: 703,450 records
Actor: macaroni
Country: Spain
Price: $35,000 full DB exclusive
Date: 17/05/2026
ββββββββββββββββββββ
Whatβs allegedly included:
βͺοΈ Student records allegedly linked to Matferline driving school systems
βͺοΈ DNI identity number fields
βͺοΈ Names and email addresses
βͺοΈ Phone number fields
βͺοΈ Usernames and account status data
βͺοΈ Plaintext password fields referenced by the actor
βͺοΈ Registration dates and profile photo references
βͺοΈ Validated and deduplicated record subsets
Potential impact:
The exposed data could be used for identity theft, phishing, credential stuffing, student impersonation, and targeted scams against Spanish driving school students and operators.
Status:
Unverified underground forum sale listing. The actor claims the dataset was obtained through SQL injection and contains 703,450 total records, including 614,517 clean, deduplicated, and validated entries.
Stop guessing what's redacted. Subscribers see everything β darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
π¨ PanARCH malware service advertised: Java RAT, exploit builder, payload delivery, and direct link hosting promoted on underground forum
A threat actor is advertising PanARCH, a malware-focused service bundle claiming to provide remote access tooling, payload-building modules, delivery infrastructure, and private file-hosting services.
ββββββββββββββββββββ
Service: PanARCH
Sector: Malware-as-a-Service / Cybercrime Infrastructure
Incident: Malware Service Advertisement
Exposure: Java RAT, exploit builder, delivery engine, and direct link service
Actor: PanARCH
Price: Pricing available via direct message
Date: 17/05/2026
ββββββββββββββββββββ
Whatβs being advertised:
βͺοΈ Java RAT tooling marketed for multiple operating systems
βͺοΈ Surveillance and remote access capabilities
βͺοΈ Credential theft and browser data collection features
βͺοΈ Payload builder modules for multiple delivery formats
βͺοΈ Browser-based payload delivery infrastructure
βͺοΈ Private direct-link file hosting with encrypted storage claims
βͺοΈ Custom licensing and modular access options
Potential impact:
The advertised tooling could support unauthorized access, credential theft, malware delivery, persistence, and broader compromise of personal or enterprise systems.
Status:
Underground forum advertisement. The actor posted a detailed service panel and promotional material describing multiple malware and delivery components.
Stop guessing what's redacted. Subscribers see everything β darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
A threat actor is advertising PanARCH, a malware-focused service bundle claiming to provide remote access tooling, payload-building modules, delivery infrastructure, and private file-hosting services.
ββββββββββββββββββββ
Service: PanARCH
Sector: Malware-as-a-Service / Cybercrime Infrastructure
Incident: Malware Service Advertisement
Exposure: Java RAT, exploit builder, delivery engine, and direct link service
Actor: PanARCH
Price: Pricing available via direct message
Date: 17/05/2026
ββββββββββββββββββββ
Whatβs being advertised:
βͺοΈ Java RAT tooling marketed for multiple operating systems
βͺοΈ Surveillance and remote access capabilities
βͺοΈ Credential theft and browser data collection features
βͺοΈ Payload builder modules for multiple delivery formats
βͺοΈ Browser-based payload delivery infrastructure
βͺοΈ Private direct-link file hosting with encrypted storage claims
βͺοΈ Custom licensing and modular access options
Potential impact:
The advertised tooling could support unauthorized access, credential theft, malware delivery, persistence, and broader compromise of personal or enterprise systems.
Status:
Underground forum advertisement. The actor posted a detailed service panel and promotional material describing multiple malware and delivery components.
Stop guessing what's redacted. Subscribers see everything β darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
π¨πΊπΈ Careficient allegedly breached: 164K patient and staff records exposed from home health EMR software provider
A threat actor claims to have leaked datasets tied to Careficient, a U.S.-based EMR software provider for home health, hospice, and home care management.
ββββββββββββββββββββ
Target: Careficient
Sector: Healthcare / EMR Software / Home Health
Incident: Database Leak
Exposure: 164,862 total records
Actor: attacker_company
Country: United States
Date: 17/05/2026
ββββββββββββββββββββ
Whatβs allegedly included:
βͺοΈ Patient dataset containing 163,644 records
βͺοΈ Staff dataset containing 1,218 records
βͺοΈ Patient identity and demographic fields
βͺοΈ Medical reference identifiers and record metadata
βͺοΈ Contact information including email and phone fields
βͺοΈ Address records including city, state, and ZIP code fields
βͺοΈ Staff account metadata and hashed authentication fields
βͺοΈ Organization or agency-related records
Potential impact:
The exposed data could create serious privacy, compliance, phishing, impersonation, and healthcare fraud risks for patients, staff, agencies, and care providers.
Status:
Unverified underground forum claim. The actor posted dataset counts and field categories, with additional content hidden behind forum access.
Stop guessing what's redacted. Subscribers see everything β darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
A threat actor claims to have leaked datasets tied to Careficient, a U.S.-based EMR software provider for home health, hospice, and home care management.
ββββββββββββββββββββ
Target: Careficient
Sector: Healthcare / EMR Software / Home Health
Incident: Database Leak
Exposure: 164,862 total records
Actor: attacker_company
Country: United States
Date: 17/05/2026
ββββββββββββββββββββ
Whatβs allegedly included:
βͺοΈ Patient dataset containing 163,644 records
βͺοΈ Staff dataset containing 1,218 records
βͺοΈ Patient identity and demographic fields
βͺοΈ Medical reference identifiers and record metadata
βͺοΈ Contact information including email and phone fields
βͺοΈ Address records including city, state, and ZIP code fields
βͺοΈ Staff account metadata and hashed authentication fields
βͺοΈ Organization or agency-related records
Potential impact:
The exposed data could create serious privacy, compliance, phishing, impersonation, and healthcare fraud risks for patients, staff, agencies, and care providers.
Status:
Unverified underground forum claim. The actor posted dataset counts and field categories, with additional content hidden behind forum access.
Stop guessing what's redacted. Subscribers see everything β darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
π¨πͺπ¬ Egypt Ministry of Tourism allegedly breached: 547GB employee and hotel-related government data advertised for sale
A threat actor claims to be selling databases allegedly tied to Egyptβs Ministry of Tourism, described in the post as affiliated with the Ministry of Interior.
ββββββββββββββββββββ
Target: Egypt Ministry of Tourism
Sector: Government / Tourism / Hospitality
Incident: Data Breach / Data Sale
Exposure: 547GB
Actor: Revesky
Country: Egypt
Date: 17/05/2026
ββββββββββββββββββββ
Whatβs allegedly included:
βͺοΈ Employee records allegedly linked to the Ministry of Tourism and hotel-related entities
βͺοΈ Full names, parent names, job titles, and phone number fields
βͺοΈ National ID and physical address fields
βͺοΈ Hotel names, hotel locations, and governorate data
βͺοΈ Employee profile picture documents
βͺοΈ National ID, educational qualification, birth certificate, and training documents
βͺοΈ Work contract, clearance certificate, legal check, and health certificate documents
Potential impact:
The exposed data could create identity theft, phishing, impersonation, fraud, and government-sector privacy risks for employees, hotels, and tourism-related entities.
Status:
Unverified underground forum sale listing. The actor claims the archive totals 547GB, with document samples and data samples hidden behind forum access.
Stop guessing what's redacted. Subscribers see everything β darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
A threat actor claims to be selling databases allegedly tied to Egyptβs Ministry of Tourism, described in the post as affiliated with the Ministry of Interior.
ββββββββββββββββββββ
Target: Egypt Ministry of Tourism
Sector: Government / Tourism / Hospitality
Incident: Data Breach / Data Sale
Exposure: 547GB
Actor: Revesky
Country: Egypt
Date: 17/05/2026
ββββββββββββββββββββ
Whatβs allegedly included:
βͺοΈ Employee records allegedly linked to the Ministry of Tourism and hotel-related entities
βͺοΈ Full names, parent names, job titles, and phone number fields
βͺοΈ National ID and physical address fields
βͺοΈ Hotel names, hotel locations, and governorate data
βͺοΈ Employee profile picture documents
βͺοΈ National ID, educational qualification, birth certificate, and training documents
βͺοΈ Work contract, clearance certificate, legal check, and health certificate documents
Potential impact:
The exposed data could create identity theft, phishing, impersonation, fraud, and government-sector privacy risks for employees, hotels, and tourism-related entities.
Status:
Unverified underground forum sale listing. The actor claims the archive totals 547GB, with document samples and data samples hidden behind forum access.
Stop guessing what's redacted. Subscribers see everything β darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
π¨KRYBIT RaaS advertised: ransomware affiliate program and data extraction tooling promoted on underground forum
A threat actor is advertising KRYBIT RaaS, a ransomware-as-a-service program seeking experienced penetration testing teams to join its partner operation.
ββββββββββββββββββββ
Service: KRYBIT RaaS
Sector: Ransomware-as-a-Service / Cybercrime Infrastructure
Incident: RaaS Advertisement
Exposure: Affiliate program, locker tooling, control panel, and data extraction utility
Actor: KRYBIT
Date: 17/05/2026
ββββββββββββββββββββ
Whatβs being advertised:
βͺοΈ Ransomware affiliate program recruiting experienced operators
βͺοΈ Configurable encryption modes and targeting options
βͺοΈ Control panel with build generation and victim communication support
βͺοΈ Windows, Linux, and ESXi tooling referenced by the actor
βͺοΈ Data extraction utility for uploading or transferring stolen files
βͺοΈ Support services marketed around negotiations and victim-facing communications
βͺοΈ Dedicated leak and blog infrastructure shared by the actor
Potential impact:
The advertised service could support enterprise ransomware intrusions, data theft, extortion, operational disruption, and public leak campaigns against targeted organizations.
Status:
Underground forum advertisement. The actor posted Russian and English descriptions of the program, tooling, support model, leak infrastructure, and first-contact details.
Stop guessing what's redacted. Subscribers see everything β darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
A threat actor is advertising KRYBIT RaaS, a ransomware-as-a-service program seeking experienced penetration testing teams to join its partner operation.
ββββββββββββββββββββ
Service: KRYBIT RaaS
Sector: Ransomware-as-a-Service / Cybercrime Infrastructure
Incident: RaaS Advertisement
Exposure: Affiliate program, locker tooling, control panel, and data extraction utility
Actor: KRYBIT
Date: 17/05/2026
ββββββββββββββββββββ
Whatβs being advertised:
βͺοΈ Ransomware affiliate program recruiting experienced operators
βͺοΈ Configurable encryption modes and targeting options
βͺοΈ Control panel with build generation and victim communication support
βͺοΈ Windows, Linux, and ESXi tooling referenced by the actor
βͺοΈ Data extraction utility for uploading or transferring stolen files
βͺοΈ Support services marketed around negotiations and victim-facing communications
βͺοΈ Dedicated leak and blog infrastructure shared by the actor
Potential impact:
The advertised service could support enterprise ransomware intrusions, data theft, extortion, operational disruption, and public leak campaigns against targeted organizations.
Status:
Underground forum advertisement. The actor posted Russian and English descriptions of the program, tooling, support model, leak infrastructure, and first-contact details.
Stop guessing what's redacted. Subscribers see everything β darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
It's kind of like Breached wants to get seized at this point...
π¨πͺπ¨ VimaSistema allegedly breached: 35GB financial software data exposed across Ecuadorian cooperative records
A threat actor claims to have leaked data tied to VimaSistema, a financial software provider serving savings and credit cooperatives, mutual societies, and pension funds in Ecuador.
ββββββββββββββββββββ
Target: VimaSistema / VimaCoop
Sector: Financial Software / Credit Cooperatives
Incident: Data Breach / Multiple Data Leak
Exposure: 35GB+
Actor: tost0n
Country: Ecuador
Date: 17/05/2026
ββββββββββββββββββββ
Whatβs allegedly included:
βͺοΈ Customer and cooperative member records
βͺοΈ Names, identity number fields, and demographic details
βͺοΈ Biometric and fingerprint-related data
βͺοΈ Email, address, and cellphone number fields
βͺοΈ Bank account number and transaction-related records
βͺοΈ Cloud server database files and SQL exports
βͺοΈ Records organized across 2024 and 2025 datasets
βͺοΈ Data tied to multiple Ecuadorian cooperative domains and financial entities
Potential impact:
The exposed data could be used for identity theft, banking fraud, phishing, account impersonation, financial scams, and targeted social engineering against cooperative members and institutions.
Status:
Unverified underground forum claim. The actor posted folder previews and proof-of-concept samples showing structured financial and personal data fields.
Stop guessing what's redacted. Subscribers see everything β darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
A threat actor claims to have leaked data tied to VimaSistema, a financial software provider serving savings and credit cooperatives, mutual societies, and pension funds in Ecuador.
ββββββββββββββββββββ
Target: VimaSistema / VimaCoop
Sector: Financial Software / Credit Cooperatives
Incident: Data Breach / Multiple Data Leak
Exposure: 35GB+
Actor: tost0n
Country: Ecuador
Date: 17/05/2026
ββββββββββββββββββββ
Whatβs allegedly included:
βͺοΈ Customer and cooperative member records
βͺοΈ Names, identity number fields, and demographic details
βͺοΈ Biometric and fingerprint-related data
βͺοΈ Email, address, and cellphone number fields
βͺοΈ Bank account number and transaction-related records
βͺοΈ Cloud server database files and SQL exports
βͺοΈ Records organized across 2024 and 2025 datasets
βͺοΈ Data tied to multiple Ecuadorian cooperative domains and financial entities
Potential impact:
The exposed data could be used for identity theft, banking fraud, phishing, account impersonation, financial scams, and targeted social engineering against cooperative members and institutions.
Status:
Unverified underground forum claim. The actor posted folder previews and proof-of-concept samples showing structured financial and personal data fields.
Stop guessing what's redacted. Subscribers see everything β darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
β€1