A threat actor has breached Servicio de Agua y Drenaje de Monterrey, I.P.D., and is selling a large database containing sensitive citizen data on the dark web. The attacker also demands $10,000 in cryptocurrency from the government to prevent further data leaks. #AyDDataBreach #DarkWebAuction
Keypoints
- A threat actor has compromised the database of a major Mexican water utility, AyD, affecting millions of residents.
- The stolen data includes personal details, addresses, fiscal data, and consumption receipts.
- The breach involves over 790 GB of data with 1.9 million lines of user information.
- The cybercriminal is selling the data on a dark web forum and has issued a $10,000 ransom demand.
- They claim the company’s system is “vulnerable by design,” indicating potential for further exploitation.