[September-12-2025] Daily Cybersecurity Threat Report

Posted on

1. Alleged data leak of BIAM Laboratory School & College, Bogura

2. Alleged data leak of National Awakening Party

3. Alleged data leak of Samarinda City Government

  • Category: Data Breach
  • Content: The threat actor claims to have leaked personal data from the official website of the Samarinda City Government in Indonesia. The exposed records allegedly include full names, RT (neighborhood unit) numbers, start and end dates of official documents, reference numbers, full residential addresses, national ID numbers (NIK), email addresses, and phone numbers.
  • Date: 2025-09-12T13:07:02Z
  • Network: openweb
  • Published URL: (https://darkforums.st/Thread-DATABASE-DATABASE-SAMARINDA-BY-TERRORISM666)
  • Screenshots:
  • Threat Actors: TERRORISM666
  • Victim Country: Indonesia
  • Victim Industry: Government Administration
  • Victim Organization: samarinda city government
  • Victim Site: samarindakota.go.id

4. Alleged data leak of Orangeburg-Calhoun Technical College

5. Alleged data leak of Coco Solution

6. Alleged data sale of ZoomInfo

  • Category: Data Breach
  • Content: The threat actor claims to be selling a database from ZoomInfo. The data allegedly includes detailed professional and organizational information such as full names, job titles, management levels, company names, emails, direct phone numbers, physical addresses, revenue, employee counts, SIC/NAICS codes, and personal profile URLs.
  • Date: 2025-09-12T12:26:03Z
  • Network: openweb
  • Published URL: (https://darkforums.st/Thread-Selling-ZoomInfo-Database-2025)
  • Screenshots:
  • Threat Actors: Shad0w
  • Victim Country: USA
  • Victim Industry: Software Development
  • Victim Organization: zoominfo
  • Victim Site: zoominfo.com

7. Alleged data breach of Aeromexico

8. Alleged sale of access to Ctrip

9. Alleged data leak of L’apiéceur – Sur Mesure

  • Category: Data Breach
  • Content: The threat actor claims to have leaked a 6.4 million record database from L’apiéceur – Sur Mesure. The data contains detailed customer information including order numbers, names, addresses, phone numbers, emails, shirt measurements, fabric references, style choices, payment details, and various product customization data.
  • Date: 2025-09-12T11:10:51Z
  • Network: openweb
  • Published URL: (https://darkforums.st/Thread-Selling-LAPIECEUR-6-4-MILLION-DATABASE)
  • Screenshots:
  • Threat Actors: Himenisme666
  • Victim Country: France
  • Victim Industry: Fashion & Apparel
  • Victim Organization: l’apiéceur – sur mesure
  • Victim Site: lapieceur.com

10. Alleged data breach of L’apiéceur

11. Alleged sale of unathorized access to DSN1007 Casino

12. Alleged data leak of CIA hacking tools – “Year Zero”

  • Category: Data Breach
  • Content: The group claims to have leaked CIA hacking tools archive, titled “Year Zero”, containing 8,761 documents and files from a high-security network within the CIA’s Center for Cyber Intelligence in Langley, Virginia, USA. The leak reportedly includes malware, viruses, trojans, weaponized zero-day exploits, remote control systems, and related documentation, following earlier disclosures of CIA targeting French political entities before the 2012 election.
  • Date: 2025-09-12T10:41:04Z
  • Network: telegram
  • Published URL: (https://t.me/c/2297393697/461)
  • Screenshots:
  • Threat Actors: HIME666
  • Victim Country: USA
  • Victim Industry: Government Administration
  • Victim Organization: central intelligence agency
  • Victim Site: cia.gov

13. Alleged data leak of Survival Flight

14. Alleged data leak of World Bank Group

15. Alleged data breach of Meezan Bank

16. Alleged data leak of INTER FRUIT DEALERS LIMITED

17. Alleged admin access leak of Regional Story Tellers Private Limited

18. Alleged data leak of Janio Asia

19. Alleged data leak of Swifta

20. Alleged database leak of NADRA Pakistan

21. Alleged data leak of Cartea

22. Alleged data leak of Ministry of Agriculture, Animal Industry and Fisheries (Uganda)

23. Alleged data leak of Ministry of Public Service, Democratic Republic of Congo

24. Alleged data leak of Meixcan Pharmacies

25. Alleged data leak of Atiyeh Andishan Damoun Insurance Brokerage Company

26. Alleged data breach of Green Horizons Lawn Care

27. Alleged data breach of Diamond Oaks Country Club

28. Alleged Data Breach of DQLab

29. Alleged Data Leak of FinecoBank

  • Category: Data Breach
  • Content: Threat actor claims to leak data of 680,000 male clients of Italy’s leading investment bank, FinecoBank S.p.A, which specializes in financial and investment services.
  • Date: 2025-09-12T05:43:54Z
  • Network: telegram
  • Published URL: (https://t.me/aqj986/7020)
  • Screenshots:
  • Threat Actors: Aiqianjin
  • Victim Country: Italy
  • Victim Industry: Financial Services
  • Victim Organization: finecobank
  • Victim Site: it.finecobank.com

30. Alleged Data Leak of Commerzbank

  • Category: Data Breach
  • Content: Threat actor claims to leak data of 700,000 Commerzbank private client gold credit card holders in Germany, including individuals with stable income, high-value assets, and strong credit profiles.
  • Date: 2025-09-12T05:43:22Z
  • Network: telegram
  • Published URL: (https://t.me/aqj986/6992)
  • Screenshots:
  • Threat Actors: Aiqianjin
  • Victim Country: Germany
  • Victim Industry: Banking & Mortgage
  • Victim Organization: commerzbank
  • Victim Site: commerzbank.de

31. Alleged Data Leak of National Australia Bank

  • Category: Data Breach
  • Content: Threat actor claims to leak data from National Australia Bank, exposing personal details such as names, dates of birth, addresses, phone numbers, and email addresses of affected individuals.
  • Date: 2025-09-12T05:42:52Z
  • Network: telegram
  • Published URL: (https://t.me/aqj986/7021)
  • Screenshots:
  • Threat Actors: Aiqianjin
  • Victim Country: Australia
  • Victim Industry: Banking & Mortgage
  • Victim Organization: national australia bank
  • Victim Site: nab.com.au

32. Alleged data breach of iGooana

33. Alleged Data Leak of Chinese American shoppers

34. Alleged data breach of PT. Swakarya Insan Mandiri

35. Alleged data breach of Telkom Indonesia

36. Alleged data breach of LINISTORE

37. GARUDA ERROR SYSTEM targets the website of COESCOOP

38. Alleged Data Breach of Rajabhat Maha Sarakham University

39. Alleged data breach of Kawauso Teknologi Indonesia

40. Alleged leak of Pakistan NSA Advisor Lt .Gen Muhammad Asim Malik Data

  • Category: Data Breach
  • Content: Threat actor claims to be selling hacked data from Pakistan’s National Security Advisor (NSA), Lt. Gen. Muhammad Asim Malik (HI(M)).The actor describes the target as a high-profile entity, with alleged access to sensitive government infrastructure now up for sale.
  • Date: 2025-09-12T05:16:47Z
  • Network: openweb
  • Published URL: (https://forum.exploit.in/topic/266072/)
  • Screenshots:
  • Threat Actors: xuii
  • Victim Country: Pakistan
  • Victim Industry: Unknown
  • Victim Organization: Unknown
  • Victim Site: Unknown

41. Alleged sale of B2B database

42. Alleged data breach of MA (Madrasah Aliyah) Bustanul Arifin

43. Alleged data breach of University of Brawijaya

44. Alleged leak of coinbase leads

45. Alleged leak of Admin access to an unidentified organization in Germany

46. Alleged sale of AV malware scanning platform

47. Alleged data breach of A.A. Turki Group (ATCO)

  • Category: Data Breach
  • Content: Group claims to have leaked the data from A.A. Turki Group (ATCO). The compromised data includes name, investment firm, position, email, etc.
  • Date: 2025-09-12T01:01:18Z
  • Network: telegram
  • Published URL: (https://t.me/digitalsghost/1020)
  • Screenshots:
  • Threat Actors: DigitalGhost
  • Victim Country: Saudi Arabia
  • Victim Industry: Investment Management, Hedge Fund & Private Equity
  • Victim Organization: a.a. turki group (atco)
  • Victim Site: atco.com.sa

The cyber incidents detailed in this report highlight a diverse and active landscape of cyber threats, with data breaches and leaks being a prominent concern. These incidents have affected various sectors and countries, including education in Bangladesh and Indonesia, financial services in Italy and Australia, and government organizations in countries like Uganda and the Democratic Republic of the Congo.

The types of compromised data are wide-ranging, from personal user information and customer databases to classified military components and sensitive government records. Beyond data exfiltration, there is also significant activity in the sale of initial access, with threat actors offering unauthorized access to corporate networks, banking systems, and government infrastructure. The cyber underground also sees the sale of malicious tools, such as malware and DDoS tools.

Collectively, these events demonstrate that organizations worldwide face persistent threats from data compromise, unauthorized access, and the proliferation of offensive tools. The ongoing nature of these incidents underscores the critical need for strong cybersecurity measures, including robust access controls, effective data protection strategies, continuous vulnerability management, and proactive threat intelligence to defend against a variety of sophisticated and opportunistic attacks.

Related Posts