HomeCII/OTHacker Claims City Of New York Data Breach

Hacker Claims City Of New York Data Breach

Published on

spot_img

An incident involving a data breach in the City of New York has come to light, with an unidentified threat actor going by the alias “pwns3c” offering access to a database containing sensitive information for sale on BreachForums. The repercussions of this breach are concerning, raising questions about the security measures in place at government offices.

According to reports, the stolen database includes 199 PDF files totaling approximately 70MB in size. The compromised data consists of a variety of personally identifiable information (PII) such as Licensee Serial Number, Expiration Date, Applicant or Licensee Name, Trade Name, Street Address, City, Zip Code, Phone Number of Applicant, and Business Email of Applicant. Additionally, sensitive details about building owners, attorneys, and individuals, including their EIN, SSN, and signature, are also part of the exposed data. Shockingly, all this confidential information is being sold for a mere $30, with interested parties instructed to contact the threat actor through private messages on BreachForums or their Telegram handle.

The consequences of such a data breach are far-reaching, as it puts the personal information of numerous individuals at significant risk. The leakage of PII and sensitive documents opens up the possibility of identity theft, fraud, and other malicious activities. Despite the severity of these claims, The Cyber Express team has attempted to verify the authenticity of the breach by reaching out to the New York City mayor’s official press contact email, but no response has been received as of now.

This incident involving pwns3c and the City of New York is not the threat actor’s first act of cybercrime. In a previous breach claimed on BreachForums, pwns3c asserted to have compromised at least 6,500 records from the Virginia Department of Elections. This data was also put up for sale at the same price of $30 in Bitcoin (BTC), Litecoin (LTC), or Monero (XMR) on the dark web. The compromised information allegedly included timestamps, usernames, election data, candidate details, and voting method information. However, there has been no official confirmation of this incident from the concerned authorities yet.

The series of breaches claimed by pwns3c shed light on the ongoing challenges faced in securing government websites. The sensitivity of the stolen data, which potentially includes Social Security Numbers (SSNs), contact details, election-related information, and signatures, emphasizes the critical need for government entities to enhance their cybersecurity protocols.

It is essential for government organizations to prioritize the safeguarding of sensitive data and implement robust security measures to prevent such breaches in the future. The exposure of confidential information not only jeopardizes the privacy and security of individuals but also undermines public trust in government institutions. As cybersecurity threats continue to evolve, staying ahead of cybercriminals is crucial to ensure the protection of sensitive data and maintain the integrity of digital systems.

In conclusion, the alleged data breaches involving pwns3c and the City of New York and Virginia Department of Elections underscore the importance of stringent cybersecurity measures and proactive monitoring to safeguard against potential threats and mitigate the risks posed by malicious actors in cyberspace. It is imperative for government agencies to be vigilant and proactive in addressing cybersecurity vulnerabilities to prevent such incidents from recurring in the future.

Source link

Latest articles

Opera Introduces Paste Protect to Combat ClickFix

Opera Launches "Paste Protect" Feature to Combat ClickFix Attacks In a strategic move to bolster...

AI-Generated Browser Ransomware Exploits Chromium API on Windows, Linux, macOS, and Android

In a significant development within the realm of cybersecurity, researchers from Check Point have...

950 Oracle E-Business Suite Instances Exposed to CVE-2026-46817 Attacks Detected in the Wild

Urgent Security Alert: Nearly 950 Oracle E-Business Suite Instances Exposed Amid Active Exploitation Attempts In...

OpenAI Allows Cyber Vendors to Integrate GPT-5.5 into Their Defense Systems

Daybreak Cyber Partner Program Expands Application of GPT-5.5 for Cybersecurity Solutions June 22, 2026 |...

More like this

Opera Introduces Paste Protect to Combat ClickFix

Opera Launches "Paste Protect" Feature to Combat ClickFix Attacks In a strategic move to bolster...

AI-Generated Browser Ransomware Exploits Chromium API on Windows, Linux, macOS, and Android

In a significant development within the realm of cybersecurity, researchers from Check Point have...

950 Oracle E-Business Suite Instances Exposed to CVE-2026-46817 Attacks Detected in the Wild

Urgent Security Alert: Nearly 950 Oracle E-Business Suite Instances Exposed Amid Active Exploitation Attempts In...