Credix, a credit service operated by the Venezuelan internet subsidiary Fibextelecom, was allegedly compromised through a severe unpatched vulnerability that was published on a hacker forum. The unidentified actor claims to have exfiltrated 44,548 rows of customer data including full names, national identification numbers, dates of birth, physical addresses, employment details, estimated income, account metadata and verification tokens, and also claims to possess Base64-encoded ID photographs which were withheld from the public sample leak. #Credix #Fibextelecom
Keypoints
- An unpatched security vulnerability in Credix is reported to have been exploited.
- A hacker forum post claims 44,548 rows of customer records were exfiltrated.
- Compromised data reportedly includes names, national ID numbers, birthdates, and exact addresses.
- Employment details, estimated monthly income, and account metadata including verification tokens were also included.
- The actor asserts possession of Base64-encoded ID card photos but withheld them from the public sample.
Read More: https://dailydarkweb.net/credix-fibextelecom-data-breach-exposes-customer-info/