๐จKRYBIT RaaS advertised: ransomware affiliate program and data extraction tooling promoted on underground forum
A threat actor is advertising KRYBIT RaaS, a ransomware-as-a-service program seeking experienced penetration testing teams to join its partner operation.
โโโโโโโโโโโโโโโโโโโโ
Service: KRYBIT RaaS
Sector: Ransomware-as-a-Service / Cybercrime Infrastructure
Incident: RaaS Advertisement
Exposure: Affiliate program, locker tooling, control panel, and data extraction utility
Actor: KRYBIT
Date: 17/05/2026
โโโโโโโโโโโโโโโโโโโโ
Whatโs being advertised:
โช๏ธ Ransomware affiliate program recruiting experienced operators
โช๏ธ Configurable encryption modes and targeting options
โช๏ธ Control panel with build generation and victim communication support
โช๏ธ Windows, Linux, and ESXi tooling referenced by the actor
โช๏ธ Data extraction utility for uploading or transferring stolen files
โช๏ธ Support services marketed around negotiations and victim-facing communications
โช๏ธ Dedicated leak and blog infrastructure shared by the actor
Potential impact:
The advertised service could support enterprise ransomware intrusions, data theft, extortion, operational disruption, and public leak campaigns against targeted organizations.
Status:
Underground forum advertisement. The actor posted Russian and English descriptions of the program, tooling, support model, leak infrastructure, and first-contact details.
Stop guessing what's redacted. Subscribers see everything โ darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
A threat actor is advertising KRYBIT RaaS, a ransomware-as-a-service program seeking experienced penetration testing teams to join its partner operation.
โโโโโโโโโโโโโโโโโโโโ
Service: KRYBIT RaaS
Sector: Ransomware-as-a-Service / Cybercrime Infrastructure
Incident: RaaS Advertisement
Exposure: Affiliate program, locker tooling, control panel, and data extraction utility
Actor: KRYBIT
Date: 17/05/2026
โโโโโโโโโโโโโโโโโโโโ
Whatโs being advertised:
โช๏ธ Ransomware affiliate program recruiting experienced operators
โช๏ธ Configurable encryption modes and targeting options
โช๏ธ Control panel with build generation and victim communication support
โช๏ธ Windows, Linux, and ESXi tooling referenced by the actor
โช๏ธ Data extraction utility for uploading or transferring stolen files
โช๏ธ Support services marketed around negotiations and victim-facing communications
โช๏ธ Dedicated leak and blog infrastructure shared by the actor
Potential impact:
The advertised service could support enterprise ransomware intrusions, data theft, extortion, operational disruption, and public leak campaigns against targeted organizations.
Status:
Underground forum advertisement. The actor posted Russian and English descriptions of the program, tooling, support model, leak infrastructure, and first-contact details.
Stop guessing what's redacted. Subscribers see everything โ darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
It's kind of like Breached wants to get seized at this point...
๐จ๐ช๐จ VimaSistema allegedly breached: 35GB financial software data exposed across Ecuadorian cooperative records
A threat actor claims to have leaked data tied to VimaSistema, a financial software provider serving savings and credit cooperatives, mutual societies, and pension funds in Ecuador.
โโโโโโโโโโโโโโโโโโโโ
Target: VimaSistema / VimaCoop
Sector: Financial Software / Credit Cooperatives
Incident: Data Breach / Multiple Data Leak
Exposure: 35GB+
Actor: tost0n
Country: Ecuador
Date: 17/05/2026
โโโโโโโโโโโโโโโโโโโโ
Whatโs allegedly included:
โช๏ธ Customer and cooperative member records
โช๏ธ Names, identity number fields, and demographic details
โช๏ธ Biometric and fingerprint-related data
โช๏ธ Email, address, and cellphone number fields
โช๏ธ Bank account number and transaction-related records
โช๏ธ Cloud server database files and SQL exports
โช๏ธ Records organized across 2024 and 2025 datasets
โช๏ธ Data tied to multiple Ecuadorian cooperative domains and financial entities
Potential impact:
The exposed data could be used for identity theft, banking fraud, phishing, account impersonation, financial scams, and targeted social engineering against cooperative members and institutions.
Status:
Unverified underground forum claim. The actor posted folder previews and proof-of-concept samples showing structured financial and personal data fields.
Stop guessing what's redacted. Subscribers see everything โ darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
A threat actor claims to have leaked data tied to VimaSistema, a financial software provider serving savings and credit cooperatives, mutual societies, and pension funds in Ecuador.
โโโโโโโโโโโโโโโโโโโโ
Target: VimaSistema / VimaCoop
Sector: Financial Software / Credit Cooperatives
Incident: Data Breach / Multiple Data Leak
Exposure: 35GB+
Actor: tost0n
Country: Ecuador
Date: 17/05/2026
โโโโโโโโโโโโโโโโโโโโ
Whatโs allegedly included:
โช๏ธ Customer and cooperative member records
โช๏ธ Names, identity number fields, and demographic details
โช๏ธ Biometric and fingerprint-related data
โช๏ธ Email, address, and cellphone number fields
โช๏ธ Bank account number and transaction-related records
โช๏ธ Cloud server database files and SQL exports
โช๏ธ Records organized across 2024 and 2025 datasets
โช๏ธ Data tied to multiple Ecuadorian cooperative domains and financial entities
Potential impact:
The exposed data could be used for identity theft, banking fraud, phishing, account impersonation, financial scams, and targeted social engineering against cooperative members and institutions.
Status:
Unverified underground forum claim. The actor posted folder previews and proof-of-concept samples showing structured financial and personal data fields.
Stop guessing what's redacted. Subscribers see everything โ darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
โค1
๐จ๐ซ๐ท Gรฎtes de France allegedly breached: 389K guest and booking records exposed from French holiday rental database
A threat actor claims to have leaked a database tied to Gรฎtes de France, a French holiday rental network specializing in countryside stays, rural gรฎtes, and tourist accommodation across France.
โโโโโโโโโโโโโโโโโโโโ
Target: Gรฎtes de France
Sector: Hospitality / Travel / Holiday Rentals
Incident: Database Leak
Exposure: 389,129 people / 312,685 lines / 470MB
Actor: ChimeraZ
Country: France
Date: 17/05/2026
โโโโโโโโโโโโโโโโโโโโ
Whatโs allegedly included:
โช๏ธ Guest and client records allegedly linked to Gรฎtes de France bookings
โช๏ธ Names, email addresses, and telephone number fields
โช๏ธ Address and accommodation site information
โช๏ธ Booking start and end dates
โช๏ธ Guest count and occupant details
โช๏ธ Stay duration and nightly booking fields
โช๏ธ Tourism tax, price, and agent-related records
โช๏ธ Site log and ticket-related JSON records
Potential impact:
The exposed data could be used for booking impersonation, targeted phishing, travel fraud, customer scams, and social engineering against guests, property owners, and tourism operators.
Status:
Unverified underground forum claim. The actor posted structured JSON samples and claims the archive includes booking, site log, and ticket-related datasets.
Stop guessing what's redacted. Subscribers see everything โ darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
A threat actor claims to have leaked a database tied to Gรฎtes de France, a French holiday rental network specializing in countryside stays, rural gรฎtes, and tourist accommodation across France.
โโโโโโโโโโโโโโโโโโโโ
Target: Gรฎtes de France
Sector: Hospitality / Travel / Holiday Rentals
Incident: Database Leak
Exposure: 389,129 people / 312,685 lines / 470MB
Actor: ChimeraZ
Country: France
Date: 17/05/2026
โโโโโโโโโโโโโโโโโโโโ
Whatโs allegedly included:
โช๏ธ Guest and client records allegedly linked to Gรฎtes de France bookings
โช๏ธ Names, email addresses, and telephone number fields
โช๏ธ Address and accommodation site information
โช๏ธ Booking start and end dates
โช๏ธ Guest count and occupant details
โช๏ธ Stay duration and nightly booking fields
โช๏ธ Tourism tax, price, and agent-related records
โช๏ธ Site log and ticket-related JSON records
Potential impact:
The exposed data could be used for booking impersonation, targeted phishing, travel fraud, customer scams, and social engineering against guests, property owners, and tourism operators.
Status:
Unverified underground forum claim. The actor posted structured JSON samples and claims the archive includes booking, site log, and ticket-related datasets.
Stop guessing what's redacted. Subscribers see everything โ darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
๐จTLNTrip allegedly breached: 690K travel agency customer and booking records advertised for sale
A threat actor claims to be selling a database tied to TLNTrip, an online travel agency platform used by B2B and B2C customers to book, manage, and issue air tickets, hotels, and holiday packages.
โโโโโโโโโโโโโโโโโโโโ
Target: TLNTrip
Sector: Travel / Online Travel Agency / Booking Platform
Incident: Database Leak / Data Sale
Exposure: 690K records
Actor: Sensitive2025
Date: 17/05/2026
โโโโโโโโโโโโโโโโโโโโ
Whatโs allegedly included:
โช๏ธ Customer and lead user records allegedly linked to TLNTrip
โช๏ธ Passenger names, titles, gender, and date-of-birth fields
โช๏ธ Email addresses, phone numbers, and address records
โช๏ธ Passport number, issuing country, and expiration date fields
โช๏ธ Flight booking transaction and ticketing records
โช๏ธ Booking status, payment method, and journey details
โช๏ธ Hotel records including hotel names, addresses, cities, countries, and location metadata
Potential impact:
The exposed data could be used for identity theft, passport fraud, travel booking impersonation, phishing, payment scams, and targeted social engineering against travelers and travel agency customers.
Status:
Unverified underground forum sale listing. The actor posted CSV/SQL samples and claims the database was updated less than three weeks before the listing.
Stop guessing what's redacted. Subscribers see everything โ http://darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
A threat actor claims to be selling a database tied to TLNTrip, an online travel agency platform used by B2B and B2C customers to book, manage, and issue air tickets, hotels, and holiday packages.
โโโโโโโโโโโโโโโโโโโโ
Target: TLNTrip
Sector: Travel / Online Travel Agency / Booking Platform
Incident: Database Leak / Data Sale
Exposure: 690K records
Actor: Sensitive2025
Date: 17/05/2026
โโโโโโโโโโโโโโโโโโโโ
Whatโs allegedly included:
โช๏ธ Customer and lead user records allegedly linked to TLNTrip
โช๏ธ Passenger names, titles, gender, and date-of-birth fields
โช๏ธ Email addresses, phone numbers, and address records
โช๏ธ Passport number, issuing country, and expiration date fields
โช๏ธ Flight booking transaction and ticketing records
โช๏ธ Booking status, payment method, and journey details
โช๏ธ Hotel records including hotel names, addresses, cities, countries, and location metadata
Potential impact:
The exposed data could be used for identity theft, passport fraud, travel booking impersonation, phishing, payment scams, and targeted social engineering against travelers and travel agency customers.
Status:
Unverified underground forum sale listing. The actor posted CSV/SQL samples and claims the database was updated less than three weeks before the listing.
Stop guessing what's redacted. Subscribers see everything โ http://darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
๐จ๐ฆ๐ช Dubai Sports Council allegedly breached: 336 internal files advertised for sale from UAE government sports authority
A threat actor claims to be selling a file leak tied to the Dubai Sports Council, the Dubai government entity responsible for developing and regulating the sports sector in the emirate.
โโโโโโโโโโโโโโโโโโโโ
Target: Dubai Sports Council
Sector: Government / Sports / Public Administration
Incident: Data Leak / Data Sale
Exposure: 336 files
Actor: hexogenous
Country: United Arab Emirates
Price: $500
Date: 17/05/2026
โโโโโโโโโโโโโโโโโโโโ
Whatโs allegedly included:
โช๏ธ Internal files allegedly linked to Dubai Sports Council operations
โช๏ธ NOCs, permits, approvals, certificates, and licenses
โช๏ธ Event information, schedules, and invitation records
โช๏ธ Marketing material, logos, and public-facing event assets
โช๏ธ Administrative documents related to sports sector activities
โช๏ธ Files connected to clubs, events, programs, and partnerships
Potential impact:
The exposed files could create operational, reputational, phishing, impersonation, and administrative security risks for the council, event partners, clubs, and affiliated organizations.
Status:
Unverified underground forum sale listing. The actor claims the leak contains 336 files and is being offered for $500, negotiable.
Stop guessing what's redacted. Subscribers see everything โ darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
A threat actor claims to be selling a file leak tied to the Dubai Sports Council, the Dubai government entity responsible for developing and regulating the sports sector in the emirate.
โโโโโโโโโโโโโโโโโโโโ
Target: Dubai Sports Council
Sector: Government / Sports / Public Administration
Incident: Data Leak / Data Sale
Exposure: 336 files
Actor: hexogenous
Country: United Arab Emirates
Price: $500
Date: 17/05/2026
โโโโโโโโโโโโโโโโโโโโ
Whatโs allegedly included:
โช๏ธ Internal files allegedly linked to Dubai Sports Council operations
โช๏ธ NOCs, permits, approvals, certificates, and licenses
โช๏ธ Event information, schedules, and invitation records
โช๏ธ Marketing material, logos, and public-facing event assets
โช๏ธ Administrative documents related to sports sector activities
โช๏ธ Files connected to clubs, events, programs, and partnerships
Potential impact:
The exposed files could create operational, reputational, phishing, impersonation, and administrative security risks for the council, event partners, clubs, and affiliated organizations.
Status:
Unverified underground forum sale listing. The actor claims the leak contains 336 files and is being offered for $500, negotiable.
Stop guessing what's redacted. Subscribers see everything โ darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
๐จ๐ฒ๐ฝ Perfilan allegedly breached: 3.7M Mexican real estate customer records exposed from business service database
A threat actor claims to have leaked part of a customer database tied to Perfilan, a Mexico-based service provider for businesses in the real estate sector.
โโโโโโโโโโโโโโโโโโโโ
Target: Perfilan
Sector: Real Estate / Business Services / CRM Data
Incident: Database Leak
Exposure: 3,711,285 records / 83 CSV files / 924MB
Actor: zSenior
Country: Mexico
Date: 17/05/2026
โโโโโโโโโโโโโโโโโโโโ
Whatโs allegedly included:
โช๏ธ Customer and lead records allegedly linked to Perfilan
โช๏ธ Names, phone numbers, and email address fields
โช๏ธ Real estate project and origin/source fields
โช๏ธ Registration dates and lead status information
โช๏ธ Discard reason and general notes fields
โช๏ธ Call count, last call date, and last note metadata
โช๏ธ CRM-style customer interaction and sales pipeline records
Potential impact:
The exposed data could be used for phishing, real estate scams, customer impersonation, lead fraud, and targeted social engineering against buyers, sellers, and real estate businesses.
Status:
Unverified underground forum claim. The actor posted CSV sample data and claims this is a partial leak containing more than 3.7M records.
Stop guessing what's redacted. Subscribers see everything โ darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
A threat actor claims to have leaked part of a customer database tied to Perfilan, a Mexico-based service provider for businesses in the real estate sector.
โโโโโโโโโโโโโโโโโโโโ
Target: Perfilan
Sector: Real Estate / Business Services / CRM Data
Incident: Database Leak
Exposure: 3,711,285 records / 83 CSV files / 924MB
Actor: zSenior
Country: Mexico
Date: 17/05/2026
โโโโโโโโโโโโโโโโโโโโ
Whatโs allegedly included:
โช๏ธ Customer and lead records allegedly linked to Perfilan
โช๏ธ Names, phone numbers, and email address fields
โช๏ธ Real estate project and origin/source fields
โช๏ธ Registration dates and lead status information
โช๏ธ Discard reason and general notes fields
โช๏ธ Call count, last call date, and last note metadata
โช๏ธ CRM-style customer interaction and sales pipeline records
Potential impact:
The exposed data could be used for phishing, real estate scams, customer impersonation, lead fraud, and targeted social engineering against buyers, sellers, and real estate businesses.
Status:
Unverified underground forum claim. The actor posted CSV sample data and claims this is a partial leak containing more than 3.7M records.
Stop guessing what's redacted. Subscribers see everything โ darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
I am testing backend functionality with screenshots for the next hour... you may see broken screenshots. I will update once maintenance is complete.
๐ช Slice For Life - Part 2 ๐ช
I am testing backend functionality with screenshots for the next hour... you may see broken screenshots. I will update once maintenance is complete.
Maintenance on threat-feed images is complete, and images should no longer appear broken.
The backend has been updated to run a visual safety check on images before they are sent to the feeds.
Screenshots may be automatically suppressed before appearing in the feed if they fail automated visual safety checks, return an uncertain result, or cannot be scanned.
The alert itself will still appear when text-based threat intelligence is available. Suppression only affects the screenshot preview; it does not necessarily mean the alert is invalid or unrelated to cyber threat activity.
There is no evidence that unsafe imagery has passed through to the feed. I'm remaining transparent with any changes done as always. This is a preventative safety measure. If unsafe imagery were ever to bypass the scanner and other filters, I would take appropriate action, including reporting to law enforcement where required.
The backend has been updated to run a visual safety check on images before they are sent to the feeds.
Screenshots may be automatically suppressed before appearing in the feed if they fail automated visual safety checks, return an uncertain result, or cannot be scanned.
The alert itself will still appear when text-based threat intelligence is available. Suppression only affects the screenshot preview; it does not necessarily mean the alert is invalid or unrelated to cyber threat activity.
There is no evidence that unsafe imagery has passed through to the feed. I'm remaining transparent with any changes done as always. This is a preventative safety measure. If unsafe imagery were ever to bypass the scanner and other filters, I would take appropriate action, including reporting to law enforcement where required.
๐จ๐ฉ๐ฟ University of Guelma allegedly breached: seminar management system compromised and user data exposed
A threat actor claims to have compromised the seminar management application hosted by the University of Guelma, an Algerian public university platform used for seminar-related registration and management.
โโโโโโโโโโโโโโโโโโโโ
Target: University of Guelma
Sector: Education / Higher Education
Incident: Data Breach
Exposure: Seminar system database
Actor: govmaroc
Country: Algeria
Date: 17/05/2026
โโโโโโโโโโโโโโโโโโโโ
Whatโs allegedly included:
โช๏ธ Seminar management system database access
โช๏ธ User credential and account-related records
โช๏ธ Personal information tied to seminar users
โช๏ธ Seminar registration and participation details
โช๏ธ Backend database content allegedly accessed through the application
โช๏ธ Administrative system integrity concerns
โช๏ธ University-hosted application data linked to the seminar platform
Potential impact:
The exposed data could be used for phishing, account takeover attempts, impersonation, credential targeting, and further social engineering against students, staff, and seminar participants.
Status:
Unverified underground forum claim.
Stop guessing what's redacted. Subscribers see everything โ darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
A threat actor claims to have compromised the seminar management application hosted by the University of Guelma, an Algerian public university platform used for seminar-related registration and management.
โโโโโโโโโโโโโโโโโโโโ
Target: University of Guelma
Sector: Education / Higher Education
Incident: Data Breach
Exposure: Seminar system database
Actor: govmaroc
Country: Algeria
Date: 17/05/2026
โโโโโโโโโโโโโโโโโโโโ
Whatโs allegedly included:
โช๏ธ Seminar management system database access
โช๏ธ User credential and account-related records
โช๏ธ Personal information tied to seminar users
โช๏ธ Seminar registration and participation details
โช๏ธ Backend database content allegedly accessed through the application
โช๏ธ Administrative system integrity concerns
โช๏ธ University-hosted application data linked to the seminar platform
Potential impact:
The exposed data could be used for phishing, account takeover attempts, impersonation, credential targeting, and further social engineering against students, staff, and seminar participants.
Status:
Unverified underground forum claim.
Stop guessing what's redacted. Subscribers see everything โ darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
๐จ๐ฎ๐ฉ Indonesian National Armed Forces allegedly breached: 14K military officer records leaked from TNI database
A threat actor claims to have leaked a database tied to the Indonesian National Armed Forces, also known as Tentara Nasional Indonesia (TNI), allegedly exposing personnel and service-related records for military officers.
โโโโโโโโโโโโโโโโโโโโ
Target: Indonesian National Armed Forces
Sector: Military / Government / Defense
Incident: Database Leak
Exposure: 14K rows
Actor: mosad
Country: Indonesia
Date: 17/05/2026
โโโโโโโโโโโโโโโโโโโโ
Whatโs allegedly included:
โช๏ธ Military officer records allegedly linked to TNI systems
โช๏ธ Full names and military identification number fields
โช๏ธ Rank, corps/branch, unit, and job title information
โช๏ธ Date of birth, age, gender, and religion fields
โช๏ธ Current position assignment and rank promotion dates
โช๏ธ Military education and training classification fields
โช๏ธ Employment status, office address, and home address fields
โช๏ธ Phone number fields tied to personnel records
Potential impact:
The exposed data could create serious operational security, impersonation, phishing, social engineering, and personnel privacy risks for military officers and defense-related institutions.
Status:
Unverified underground forum claim. The actor posted a field breakdown and sample reference, with download links shared through external channels.
Stop guessing what's redacted. Subscribers see everything โ darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
A threat actor claims to have leaked a database tied to the Indonesian National Armed Forces, also known as Tentara Nasional Indonesia (TNI), allegedly exposing personnel and service-related records for military officers.
โโโโโโโโโโโโโโโโโโโโ
Target: Indonesian National Armed Forces
Sector: Military / Government / Defense
Incident: Database Leak
Exposure: 14K rows
Actor: mosad
Country: Indonesia
Date: 17/05/2026
โโโโโโโโโโโโโโโโโโโโ
Whatโs allegedly included:
โช๏ธ Military officer records allegedly linked to TNI systems
โช๏ธ Full names and military identification number fields
โช๏ธ Rank, corps/branch, unit, and job title information
โช๏ธ Date of birth, age, gender, and religion fields
โช๏ธ Current position assignment and rank promotion dates
โช๏ธ Military education and training classification fields
โช๏ธ Employment status, office address, and home address fields
โช๏ธ Phone number fields tied to personnel records
Potential impact:
The exposed data could create serious operational security, impersonation, phishing, social engineering, and personnel privacy risks for military officers and defense-related institutions.
Status:
Unverified underground forum claim. The actor posted a field breakdown and sample reference, with download links shared through external channels.
Stop guessing what's redacted. Subscribers see everything โ darkwebinformer.com/pricing
________________________________________
Main Channel: https://t.me/SliceForLifeee
Backup Channel: https://t.me/SliceForLifeeee
Website: darkwebinformer.com
Pricing (Includes Crypto): darkwebinformer.com/pricing
API Access: darkwebinformer.com/api-details
Socials: darkwebinformer.com/socials
Donations: darkwebinformer.com/donations
โค1