In the ongoing battle against cybercrime, industries across the globe are being targeted by malicious actors seeking to exploit vulnerabilities for personal gain. This week, SOCRadar’s Dark Web Team has uncovered a myriad of threats that pose significant risks to organizations and individuals alike.
One such threat involves a hacker claiming to have leaked over 10.7 million customer records from AUTOSUR, a French vehicle inspection company. The breach, which occurred on March 16, 2025, exposed sensitive data such as customer names, emails, phone numbers, hashed passwords, home addresses, vehicle information, and license plate numbers. The hacker is demanding $7,500 in Monero for the complete database, raising concerns about potential identity theft and phishing attacks. Additionally, regulatory repercussions, including GDPR investigations, may impact AUTOSUR’s reputation.
In another incident, unauthorized access to shipping portals linked to Lenovo and HP has been detected. The compromised access allows real-time monitoring of Return Merchandise Authorizations (RMAs) and logistics details. This breach poses a significant threat to the supply chain, as sensitive information, such as shipment contents and customer identities, could be exposed, leading to targeted theft or fraudulent redirection of shipments.
Furthermore, a hacker forum post has advertised the sale of a database containing detailed personal and financial data of approximately 3 million American citizens. The leaked dataset includes Social Security numbers (SSNs), bank account details, driver’s licenses, employer information, and income details, posing a severe risk of identity theft, financial fraud, and phishing attacks. The volume and sensitivity of the information highlight urgent risks to affected individuals and financial institutions.
In the Philippines, the National Telecommunications Commission (NTC) has reportedly experienced a breach, with a threat actor claiming access to critical infrastructure details, including network vulnerabilities and user tracking mechanisms. The potential implications of this breach are far-reaching, impacting national security, economic stability, and the privacy of millions of citizens.
Exploitation of the gaming and entertainment sectors is also prevalent: threat actors are sharing tools like the “Atlantis Checker”, used to verify stolen Disney+ credentials, as well as leaked databases from platforms like FiveM. These incidents raise concerns about account takeover, unauthorized access, and identity theft, posing serious risks to users across various gaming services.
Additionally, a forum post advertising an extensive crypto and forex leads database sourced from various countries signals potential risks of targeted phishing attacks and account takeovers, particularly for individuals previously impacted by financial losses in trading. The widespread geographical scope of the data further underscores regulatory implications under GDPR and international privacy laws.
This wave of cyber threats underscores the importance of proactive cybersecurity measures to safeguard sensitive data and mitigate risks of financial fraud, identity theft, and phishing attacks. Organizations must remain vigilant and implement robust security protocols to protect against evolving cyber threats in an increasingly digital landscape.