Resecurity uncovered a major leak involving a notorious underground data broker, “888,” who published sensitive personal data stolen from CIEE, a Brazilian organization. The breach was caused by a misconfigured Google Cloud Storage bucket, exposing over 364,000 files containing PII, medical records, and media. #UndergroundDataBroker #CIEEBreach
Keypoints
- “888” is an established threat actor known for authentic data leaks on the dark web.
- The breach originated from a misconfigured Google Cloud Storage bucket, exposing extensive private data.
- Stolen data includes medical reports, CVs, profile pictures, videos, and sensitive personal details.
- The leak impacted major Brazilian institutions and organizations handling sensitive PII.
- Resecurity recommends proactive security measures such as VAPT testing and continuous CTI gathering to prevent similar breaches.