[February-2-2026] Daily Cybersecurity Threat Report

Posted on

1. Executive Summary

This report provides an exhaustive analysis of the cybersecurity landscape observed on February 2, 2026. The data reveals an exceptionally high volume of malicious activity characterized by a global reach and diverse tactical approaches. During this 24-hour period, no fewer than 93 distinct incidents were recorded, ranging from massive data breaches and unauthorized initial access sales to website defacements and the distribution of advanced malware tools.+1

The primary trend identified is the aggressive targeting of Government and Public Sector entities, particularly in Europe, the Middle East, and Asia. Significant breaches were reported in Hungary, the UAE, Israel, Uzbekistan, and Spain. Furthermore, critical infrastructure and research facilities, such as the Lawrence Livermore National Laboratory in the USA, have been allegedly compromised, resulting in the theft of terabytes of sensitive technical blueprints.+4

A secondary trend is the commercialization of cybercrime. “Initial Access” brokers are actively selling administrative credentials to e-commerce platforms and corporate systems, while “Malware-as-a-Service” (MaaS) providers are marketing sophisticated stealers designed to bypass modern security protocols like Microsoft SmartScreen and UAC.+1

2. Global Incident Distribution and Statistical Overview

The events of February 2, 2026, impacted multiple continents, showing that threat actors are agnostic to geography when profitable or sensitive data is available.

2.1 Geographic Impact

  • Europe: High activity in Spain (Ministry of Finance, Ministry of Science), France (National Assembly, FDSEA 85), and Greece (e-shop.gr, Vrisko).+4
  • Middle East: Concentrated efforts against Israel (Airports Authority, Ministry of Defense/IDF) and Iran (Petroleum and Financial sectors).+3
  • North America: Persistent targeting of US government databases, research labs, and private retail.+2
  • Asia/Pacific: Breaches in China (Military Intelligence, Haiyao Tech), Australia (GolfLink, BigPond), and Vietnam.+4

2.2 Category Breakdown

CategoryVolume (Approx)Primary Target Type
Data Breach65%Government, Education, Retail
Initial Access15%E-commerce, Corporate Portals
Defacement15%Small Business, Sports, Regional Gov
Malware/Other5%Crypto Users, General Users

3. Detailed Incident Analysis: High-Severity Events

3.1 Critical Infrastructure and Government Breaches

The most severe incidents involve the potential exposure of national security data and personal information of government officials.

  • Lawrence Livermore National Laboratory (USA): The “Infrastructure Destruction Squad” claims to have exfiltrated over 15 TB of data. This includes millions of video clips, engineering blueprints, and classified footage.
  • Chinese Military/Intelligence Documents: A threat actor named “jrintel” is marketing documents concerning UAV systems, advanced radar technology, and combat strategies for Taiwan.
  • Spain Ministry of Finance (Hacienda): A massive breach of 47.3 million records containing IDs, addresses, and IBAN numbers.
  • UAE Ministry of Education: Exposure of 293,468 records containing sensitive student data, including local IDs and academic streams.

3.2 Massive Scale Personal Data Leaks

These events represent high risk for identity theft and secondary phishing attacks.

  • ComunidadFeliz (Chile): 724,000 user records leaked from a property management platform.+4
  • Haiyao Technology (China): 763,000 customer account and order records exposed.
  • Bilheteria Digital (Brazil): 784,000 user accounts leaked from a ticketing platform.
  • Netbil Educacional (Brazil): 763,000 records including national IDs (CPF) and financial transaction data.

4. Threat Actor Profiles and Tactics

4.1 “Dripper”: The Volume Specialist

The threat actor known as “Dripper” was the most prolific individual on this date, responsible for at least 10 major data breaches across Hungary, Greece, Germany, Colombia, Croatia, Chile, China, the Czech Republic, Costa Rica, and Bangladesh. Their tactics appear to focus on harvesting large-scale databases from business directories, membership platforms, and regional project portals.+4

4.2 “A K U L A v 2 . 2”: The Access Broker

This group focused almost exclusively on leaking login credentials, with a heavy emphasis on Israeli targets, including the Israel Airports Authority, the IDF (Meitav), and various HR and utility companies.+4

4.3 Defacement Groups

Groups like HellR00ters Team, DARK 07x, and BABAYO EROR SYSTEM engaged in ideological or “script-kiddie” style attacks, defacing websites in Slovenia, Algeria, and Pakistan. While technically simple, these attacks cause significant reputational damage.+4

5. Malware and Tools Analysis

5.1 ClickFix Malware

A tool sold by “sha1” is specifically marketed for its ability to use signed Microsoft LOLBINs (Living Off the Land Binaries) to bypass SmartScreen and UAC. This represents a sophisticated trend where attackers use legitimate system tools to execute malicious code, making detection difficult for traditional antivirus software.

5.2 Datura Stealer

Formerly “Blitzed Grabber,” this web-based stealer offers a private dashboard for managing stolen credentials across all browsers. Its “undetected” status and ease of use lower the barrier to entry for novice cybercriminals.

6. Industry-Specific Vulnerabilities

6.1 Education and Research

The sector faced significant pressure, with the Università La Sapienza in Italy suffering a shutdown of its systems, and the Canadian International College in Egypt experiencing a student data breach. These institutions often hold vast amounts of personal data with varying levels of cybersecurity maturity.+1

6.2 E-commerce and Retail

Initial access sales were prevalent for PrestaShop and WordPress-based stores in the USA, UK, and Australia. Attackers target these to install credit card skimmers or to hijack customer data for resale.+2

7. Conclusions and Strategic Recommendations

7.1 Conclusion

The data from February 2, 2026, illustrates a high-tempo cyber threat environment. The sheer volume of government-related breaches suggests that state-sponsored or highly motivated hacktivist groups are operating alongside profit-driven cybercriminals. The widespread sale of “Initial Access” indicates that many organizations have compromised credentials circulating on the dark web long before a full-scale data breach is announced.+2

7.2 Recommendations

  1. Enforce Multi-Factor Authentication (MFA): Given the high number of “Initial Access” sales and credential leaks (e.g., A K U L A v 2.2’s activity), MFA is the most critical defense.+1
  2. Audit Cloud Storage (S3 Buckets): The Eschola breach in Egypt emphasizes the danger of misconfigured S3 buckets. Organizations must ensure cloud storage is not publicly accessible.
  3. Patch LOLBIN Vulnerabilities: To counter tools like ClickFix, security teams should monitor for unusual executions of signed Microsoft binaries and restrict their use where possible.
  4. Employee Awareness: Many of the “Dripper” breaches involved “user messages” and “contact details,” which are primary fuel for phishing campaigns.

Detected Incidents Draft Data

  1. Alleged sale of AKI project data
    Category: Data Breach
    Content: The threat actor claims to be selling AKI project data; the dataset contains 184,000 records related to project and institutional partner data .
    Date: 2026-02-02T23:57:36Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-SELLING-184k-Hungary-https-www-aki-gov-hu-Project-and-partner-data-with-funding-contac
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/9ce510ad-6820-4281-a0e6-0f0fb5b581cd.png
    Threat Actors: Dripper
    Victim Country: Hungary
    Victim Industry: Government Administration
    Victim Organization: aki (agrárközgazdasági intézet)
    Victim Site: aki.gov.hu
  2. Alleged unauthorized admin access to QualityIPTV
    Category: Initial Access
    Content: The threat actor claims to have unauthorized admin access to QualityIPTV
    Date: 2026-02-02T23:46:05Z
    Network: openweb
    Published URL: https://darkforums.io/Thread-DATABASE-DB-and-admin-access-qualitytpv-com-USA
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/7bcab330-0296-4174-9f9a-a17fa7dfc2d8.png
    Threat Actors: crazyboy68
    Victim Country: USA
    Victim Industry: Media Production
    Victim Organization: qualityiptv
    Victim Site: qualityiptv.com
  3. Alleged sale of e-shop.gr user data
    Category: Data Breach
    Content: The threat actor claims to be selling e-shop.gr user data, the dataset contains 174,000 user purchase records.
    Date: 2026-02-02T23:28:48Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-SELLING-174k-Greece-https-www-e-shop-gr-User-purchase-records-with-personal-and-order
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/e0938c2f-9648-455f-8b58-b7db55130a78.png
    Threat Actors: Dripper
    Victim Country: Greece
    Victim Industry: E-commerce & Online Stores
    Victim Organization: e-shop.gr
    Victim Site: e-shop.gr
  4. Alleged Leak of Login Credentials from Israel Airports Authority
    Category: Data Breach
    Content: The Group claims to have leaked login credentials from Israel Airports Authority
    Date: 2026-02-02T23:18:44Z
    Network: telegram
    Published URL: https://t.me/c/1943303299/1043555
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/1b65f909-1506-41cd-b426-88425aa4d075.png
    Threat Actors: A K U L A v 2 . 2
    Victim Country: Israel
    Victim Industry: Airlines & Aviation
    Victim Organization: israel airports authority
    Victim Site: iaa.gov.il
  5. Alleged Data Leak of UAE Ministry of Education
    Category: Data Breach
    Content: Threat Actor claims to have leaked the database of UAE Ministry of Education, which contains approximately 293,468 records. The exposed dataset reportedly contains student-related information including local IDs, full names, email addresses, grade levels, academic streams, classroom details, and school identifiers.
    Date: 2026-02-02T22:50:13Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-DATABASE-UAE-Ministry-of-Education-Data-Leak
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/4039ec38-b7ab-474b-90b6-b7f17359159e.png
    Threat Actors: saks
    Victim Country: UAE
    Victim Industry: Government Administration
    Victim Organization: Unknown
    Victim Site: Unknown
  6. Alleged sale of unauthorized access to an unidentified PrestaShop from USA
    Category: Initial Access
    Content: Threat actor claims to be selling unauthorized administrative access to an unidentified PrestaShop clothing store based in USA.
    Date: 2026-02-02T22:47:59Z
    Network: openweb
    Published URL: https://forum.exploit.biz/topic/275087/
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/36693b51-7200-49a3-b911-3e96791e067a.png
    Threat Actors: WOC
    Victim Country: USA
    Victim Industry: E-commerce & Online Stores
    Victim Organization: Unknown
    Victim Site: Unknown
  7. Alleged Data Breach of Vrisko
    Category: Data Breach
    Content: Threat Actor claims to have breached the database of Vrisko in Greece, alleging exposure of approximately 356,000 records from the Greek business directory platform. The compromised data reportedly includes user inquiry messages and contact details such as sender names, email addresses, phone numbers, company names, message subjects and bodies, categories, cities, and postal codes, potentially impacting both individual users and listed businesses.
    Date: 2026-02-02T22:43:48Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-SELLING-356k-Greece-https-www-vrisko-gr-User-messages-with-contact-and-company-detail
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/de81d52d-6be5-408d-b244-6001870c5544.png
    Threat Actors: Dripper
    Victim Country: Greece
    Victim Industry: Information Services
    Victim Organization: vrisko
    Victim Site: vrisko.gr
  8. Alleged Data Breach of Interreg
    Category: Data Breach
    Content: Threat Actor claims to have breached the database of Interreg in Germany, allegedly exposing approximately 437,000 regional project contact and budget records. The leaked dataset reportedly includes project IDs, contact names, email addresses, street addresses, cities, postal codes, organization details, project websites, telephone numbers, and financial information such as total budgets and ERDF/ENPI allocations.
    Date: 2026-02-02T22:22:04Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-SELLING-437k-Germany-https-www-interreg-de-Regional-project-contacts-and-budget-records
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/c14ce312-9ebe-4c03-a62f-4344635bbcf8.png
    Threat Actors: Dripper
    Victim Country: Germany
    Victim Industry: Government & Public Sector
    Victim Organization: interreg
    Victim Site: interreg.de
  9. Alleged Sale of Unauthorized WordPress Shop / Store Admin Access in the UK
    Category: Initial Access
    Content: The threat actor claims to be selling unauthorized administrative access to a WordPress-based online shop located in the United Kingdom.
    Date: 2026-02-02T22:18:02Z
    Network: openweb
    Published URL: https://forum.exploit.biz/topic/275083/?tab=comments#comment-1647887
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/b8b0367f-3bbc-4516-a06c-7f92a15dfa6f.png
    Threat Actors: Shopify
    Victim Country: UK
    Victim Industry: E-commerce & Online Stores
    Victim Organization: Unknown
    Victim Site: Unknown
  10. Alleged Data Breach of USA Government Business & Investor Database
    Category: Data Breach
    Content: The group claims to have obtained and leaked a database from usa.gov. Data reportedly includes information regarding businessmen and investors in the United states.
    Date: 2026-02-02T22:10:39Z
    Network: telegram
    Published URL: https://t.me/c/3470684086/732
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/5a91a1a8-8e9b-4c61-8eaa-76a19efab8b9.png
    Threat Actors: RED EYES
    Victim Country: USA
    Victim Industry: Government & Public Sector
    Victim Organization: usa government
    Victim Site: usa.gov
  11. Alleged data leak of Italian Financial Institute
    Category: Data Breach
    Content: The threat actor claims to be selling internal data allegedly stolen from an Italian financial institute.The leak is reported to be around 1.2GB and reportedly contains sensitive internal files extracted from employee systems, including private contact details, internal references, communication data, and operational documents.
    Date: 2026-02-02T22:10:03Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-Italian-Financial-Institute-Internal-Data
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/29cdf06a-e511-4b87-a950-e8735d94e521.png
    Threat Actors: Saffron3185
    Victim Country: Italy
    Victim Industry: Financial Services
    Victim Organization: Unknown
    Victim Site: Unknown
  12. Alleged Data Breach of Eschola
    Category: Data Breach
    Content: Threat Actor claims to have breached the database of Eschola in Egypt, alleging access to approximately 6,000 sensitive documents obtained from a compromised S3 bucket. The exposed data reportedly includes scanned birth certificates, national identity cards, and other personal records stored as PDF and image files.
    Date: 2026-02-02T22:03:58Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-SELLING-EGYPT-6k-Documents-Birth-certificates-National-Identity-Cards-and-more
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/9b2825a2-bee5-4467-aba8-6536915f5a6a.png
    Threat Actors: w1kkid
    Victim Country: Egypt
    Victim Industry: Education
    Victim Organization: eschola
    Victim Site: eschola.me
  13. Alleged Data Breach of FDSEA de la Vendée (FDSEA 85)
    Category: Data Breach
    Content: Threat Actor claims to have breached the database of FDSEA de la Vendée in France, exposing approximately 524,000 agricultural member records. The leaked data reportedly includes personal and professional farm account information such as email addresses, first and last names, physical addresses, ZIP codes, landline and mobile numbers, farm types, exploitation names, department details, membership IDs and status, farm size, crop types, livestock information, irrigation access, machinery inventory, subsidy eligibility, preferred contact methods, interaction history, renewal dates, and assigned advisor notes. The dataset allegedly represents comprehensive records of French agricultural members and their farming operations.
    Date: 2026-02-02T21:52:32Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-SELLING-524k-france-https-www-fdsea85-fr-Agricultural-account-records-with-personal-a
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/949f72b1-e3f9-459f-8d39-8bc446df639a.png
    Threat Actors: Dripper
    Victim Country: France
    Victim Industry: Agriculture & Farming
    Victim Organization: fdsea de la vendée
    Victim Site: fdsea85.fr
  14. DARK 07x targets the website of Tizi-Ouzou Province Football League
    Category: Defacement
    Content: The group claims to have defaced the website of Tizi-Ouzou Province Football League
    Date: 2026-02-02T21:34:05Z
    Network: telegram
    Published URL: https://t.me/DarK07xxxxxxx/1558
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/53620d20-a404-4d8f-b495-5f2df0e28c46.jpg
    Threat Actors: DARK 07x
    Victim Country: Algeria
    Victim Industry: Sports
    Victim Organization: tizi-ouzou province football league
    Victim Site: lfwto.dz
  15. Alleged Data Breach of Exito
    Category: Data Breach
    Content: Threat Actor claims to have breached the database of Éxito in Colombia, allegedly exposing approximately 628,000 records of store locations and business units. The leaked dataset reportedly includes store IDs, names, business segments, city and department details, physical addresses, geographic coordinates, email addresses, phone numbers, business hours, services, pickup points, and operational status information.
    Date: 2026-02-02T21:30:51Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-SELLING-628k-Colombia-https-www-exito-com-Store-details-contact-info-business-units-loc
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/6e240a3e-7156-4945-8daf-c04bee72c4a7.png
    Threat Actors: Dripper
    Victim Country: Colombia
    Victim Industry: Retail Industry
    Victim Organization: exito
    Victim Site: exito.com
  16. Alleged Sale of ClickFix Malware Featuring SmartScreen and UAC Bypass
    Category: Malware
    Content: Threat actor claims to be selling a ClickFix malware tool that uses command-based execution. The tool is reportedly designed to bypass Microsoft SmartScreen and User Account Control (UAC) using signed Microsoft LOLBINs.
    Date: 2026-02-02T21:20:30Z
    Network: openweb
    Published URL: https://forum.exploit.biz/topic/275078/
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/41be3daa-f5ed-49cc-99f1-c568722c7c96.png
    Threat Actors: sha1
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  17. Alleged Data Breach of Substack, Inc.
    Category: Data Breach
    Content: Threat Actor claims to have breached the database of Substack, Inc. in USA. The exposed dataset reportedly contains approximately 697,313 records, including user names, email addresses, phone numbers, user IDs, Stripe customer IDs, profile pictures, bios, and account metadata such as creation dates and notification preferences.
    Date: 2026-02-02T21:10:42Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-DATABASE-Substack-Leaked-Download
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/055109fd-55a6-4a3c-9d30-e0183da9e709.png
    Threat Actors: w1kkid
    Victim Country: USA
    Victim Industry: Online Publishing
    Victim Organization: substack, inc.
    Victim Site: substack.com
  18. Alleged data breach of Njuškalo
    Category: Data Breach
    Content: The threat actor claims to be selling a leaked database containing approximately 412,000 user profiles from the Croatian classifieds platform Njuškalo.hr. The exposed information allegedly includes sensitive user data such as full names, email addresses, phone numbers, physical addresses, city and postal codes, profile URLs, company details, verification status, last login information, ratings, and advertisement activity counts.
    Date: 2026-02-02T21:07:27Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-SELLING-412k-Croatia-https-www-njuskalo-hr-User-profiles-with-contact-and-location-data
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/9cfdc649-3044-4257-ab06-d34c8c7deaa3.png
    Threat Actors: Dripper
    Victim Country: Croatia
    Victim Industry: E-commerce & Online Stores
    Victim Organization: njuškalo
    Victim Site: njuskalo.hr
  19. Alleged data breach of Mercantil
    Category: Data Breach
    Content: The threat actor claims to be selling a leaked dataset containing approximately 412,000 corporate records from the Chilean business directory Mercantil.The exposed information allegedly includes company profiles and contact details, such as business names, legal identities, addresses, cities/regions, phone numbers, emails, websites, executive contact names, job roles, and industry classification data.
    Date: 2026-02-02T21:03:10Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-SELLING-412k-Chile-https-www-mercantil-com-Corporate-registry-data-with-contacts-and-ad
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/658994ed-8504-421d-9103-04ffdf578bc0.png
    Threat Actors: Dripper
    Victim Country: Chile
    Victim Industry: Information Services
    Victim Organization: mercantil
    Victim Site: mercantil.com
  20. Alleged Data Breach of Haiyao Technology
    Category: Data Breach
    Content: Threat Actor claims to have breached the database of Haiyao Technology in China, exposing approximately 763,000 customer records. The leaked dataset reportedly includes customer account and order information such as real names, email addresses, phone numbers, provinces, cities, physical addresses, order IDs, order amounts, account status, and record creation timestamps.
    Date: 2026-02-02T21:01:43Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-SELLING-763k-china-https-www-haiyao-com-cn-customer-contact-and-account-records-with
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/45e94ea1-fe8f-46aa-b1be-a2b7977b9608.png
    Threat Actors: Dripper
    Victim Country: China
    Victim Industry: Healthcare & Pharmaceuticals
    Victim Organization: haiyao technology
    Victim Site: haiyao.com.cn
  21. Alleged Data Breach of Benefit Plus
    Category: Data Breach
    Content: Threat Actor claims to have breached the database of Benefit Plus in Czech Republic, containing approximately 184,000 user records from its employee benefits and rewards platform. The exposed data reportedly includes login credentials such as hashed passwords and salts, first and last names, email addresses, phone numbers, personal identification numbers, gender, dates of birth, company IDs, reward points, last login timestamps, and account creation dates.
    Date: 2026-02-02T21:00:29Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-SELLING-184k-Czech-Republic-https-www-benefit-plus-cz-User-benefit-and-rewards-program
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/94ea0fdf-f1bb-4813-a247-9b76bcc2413b.png
    Threat Actors: Dripper
    Victim Country: Czech Republic
    Victim Industry: Insurance
    Victim Organization: benefit plus
    Victim Site: benefit-plus.cz
  22. Alleged data breach of Caja Costarricense de Seguro Social (CCSS)
    Category: Data Breach
    Content: The threat actor claims to be selling a leaked database containing approximately 452,000 employee records from Caja Costarricense de Seguro Social (CCSS), Costa Rica’s social security and healthcare institution.The exposed information allegedly includes sensitive employee data such as national ID numbers, full names, birth details, contact information, job roles, administrative units, employment status, salary information, and other professional metrics.
    Date: 2026-02-02T20:50:32Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-SELLING-452k-Costa-Rica-https-www-ccss-sa-cr-Employee-records-with-personal-contact-and
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/c2a77652-8bc3-4cc8-83cd-faae40440649.png
    Threat Actors: Dripper
    Victim Country: Costa Rica
    Victim Industry: Government & Public Sector
    Victim Organization: caja costarricense de seguro social (ccss)
    Victim Site: ccss.sa.cr
  23. Alleged Sale of Nigerian and Ivory Coast Citizen ID Photos
    Category: Data Breach
    Content: Threat Actor claims to have obtained approximately 10,669 citizen ID photos dated 2025–2026 from Nigeria and Ivory Coast, with around 1,500 records currently exposed. The leaked data allegedly includes front and back ID images along with selfie verification photos. They also claims possession of an additional 15,000 records containing full personal information, driver’s licenses, and ID photos from 2025–2026.
    Date: 2026-02-02T20:42:50Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-DATABASE-1500-Nigerian-and-Ivory-Coast-ID-photos-front-and-back-selfies
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/95857239-3d58-416e-83b3-4cdb89e956ef.png
    Threat Actors: azrekx
    Victim Country: Nigeria
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  24. Alleged data breach of ComunidadFeliz
    Category: Data Breach
    Content: The threat actor claims to be selling a leaked database containing approximately 724,000 Chilean user records from the property management platform ComunidadFeliz.The exposed information allegedly includes sensitive personal and account-related data such as full names, usernames, email addresses, RUT identifiers, phone numbers, addresses, city/region details, account type, signup dates, and login activity.
    Date: 2026-02-02T20:22:32Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-SELLING-724k-Chileno-https-www-comunidadfeliz-cl-User-records-with-personal-details-and
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/337be7c2-1422-4641-b142-31d243218b17.png
    Threat Actors: Dripper
    Victim Country: Chile
    Victim Industry: Real Estate
    Victim Organization: comunidadfeliz
    Victim Site: comunidadfeliz.cl
  25. Alleged data breach of Bilheteria Digital
    Category: Data Breach
    Content: The threat actor claims to be selling a leaked database from the Brazilian ticketing platform Bilheteria Digital, containing approximately 784,000 user accounts.The exposed data allegedly includes sensitive user information such as email addresses, phone numbers, IP details, usernames, registration timestamps, and geographic registration data
    Date: 2026-02-02T20:21:13Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-SELLING-784k-Brazil-https-www-bilheteriadigital-com-User-accounts-with-emails-phone-nu
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/306f8c56-a76b-4d3e-8877-05ab5fd6934b.png
    Threat Actors: Dripper
    Victim Country: Brazil
    Victim Industry: Events Services
    Victim Organization: bilheteria digital
    Victim Site: bilheteriadigital.com
  26. Alleged Leak of Login Credentials from Persian Gulf Star Oil Company (PGSOC)
    Category: Data Breach
    Content: The Group claims to have leaked login credentials from Persian Gulf Star Oil Company (PGSOC)
    Date: 2026-02-02T20:11:16Z
    Network: telegram
    Published URL: https://t.me/c/1943303299/1043035
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/8bc60d54-275f-40c6-8967-b0b892ef3959.png
    Threat Actors: A K U L A v 2 . 2
    Victim Country: Iran
    Victim Industry: Oil & Gas
    Victim Organization: persian gulf star oil company (pgsoc)
    Victim Site: pgsoc.ir
  27. Alleged Data Leak of Caleb & Brown Crypto Brokerage User Emails
    Category: Data Breach
    Content: Threat Actor claims to have leaked user email addresses of Caleb & Brown Crypto Brokerage. The exposed data allegedly originates from a breach dating back to late 2024 and primarily consists of user email accounts.
    Date: 2026-02-02T20:05:33Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-Caleb-And-Brown-Crypto-Brokerage
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/d985db66-0580-43cc-90f7-944f8da133a8.png
    Threat Actors: Lurk
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  28. Alleged Data Leak of Brazil Federal Police
    Category: Data Breach
    Content: Threat Actor claims to have leaked the database of Brazil Federal Police, allegedly exposing sensitive information from multiple internal systems, including national gun registration and control records (administrative entries, controlled asset details, authorization status), personnel management data (employee identifiers, full names, roles, hierarchy levels, department assignments, and internal contacts), migration and border control information (travel document IDs, personal identification data, nationality, entry and stay records, and migration status), along with additional operational systems related to coordination, internal movement tracking, logistics, transportation, and training management, suggesting widespread exposure of law-enforcement and government operational data.
    Date: 2026-02-02T20:01:52Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-COLLECTION-Brazil-Federal-Police-PF-2026
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/0fc6116c-0f19-4492-a0d7-8bc122a1c43b.png
    Threat Actors: dosifey
    Victim Country: Brazil
    Victim Industry: Law Enforcement
    Victim Organization: Unknown
    Victim Site: Unknown
  29. Alleged leak of login credentials to Farapardazan Arvand Omid Company (OmidPay)
    Category: Data Breach
    Content: The group claims to have leaked login credentials from Farapardazan Arvand Omid Company (OmidPay)
    Date: 2026-02-02T19:51:03Z
    Network: telegram
    Published URL: https://t.me/c/1943303299/1043203
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/8e72b0da-c8ae-4315-936f-0db88eeb5483.jpg
    Threat Actors: A K U L A v 2 . 2
    Victim Country: Iran
    Victim Industry: Financial Services
    Victim Organization: farapardazan arvand omid company (omidpay)
    Victim Site: omidpayment.ir
  30. Alleged leak of Israel data
    Category: Data Breach
    Content: The group claims to have leaked data associated with Israel, reportedly containing user records with phone numbers, unique user IDs, email addresses, first and last names, gender, registration and account creation timestamps, dates of birth, current location and hometown, relationship status, education history, employment details, group and page associations, and last update times.
    Date: 2026-02-02T19:43:01Z
    Network: telegram
    Published URL: https://t.me/c/2878397916/457
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/7e539eb5-d5cf-430b-86bc-b40040ec4911.jpg
    Threat Actors: Hider_Nex
    Victim Country: Israel
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  31. Alleged Leak of Login Credentials from Myket
    Category: Data Breach
    Content: The Group claims to have leaked login credentials from Myket.
    Date: 2026-02-02T19:19:00Z
    Network: telegram
    Published URL: https://t.me/c/1943303299/1042854
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/f54cbea8-8555-489a-ae0f-e17eedb5317b.png
    Threat Actors: A K U L A v 2 . 2
    Victim Country: Iran
    Victim Industry: Information Technology (IT) Services
    Victim Organization: myket
    Victim Site: developer.myket.ir
  32. Alleged data leak of unidentified Flowers Gifts & Specialty Store from Australia
    Category: Data Breach
    Content: The threat actor claims to have leaked a database associated with an Australia-based flowers, gifts, and specialty retail business. The exposed dataset reportedly contains approximately 338,000 records, including customer names, addresses, phone and mobile numbers, email addresses, company details, suburbs, postal codes, and customer reference information. The data reportedly includes around 224,000 unique phone numbers and 295,000 unique email addresses.
    Date: 2026-02-02T19:16:51Z
    Network: openweb
    Published URL: https://forum.exploit.biz/topic/275064/
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/4fa90de9-5821-4de6-9f2b-0685beb4d1b2.png
    Threat Actors: GeeksforGeeks
    Victim Country: Australia
    Victim Industry: Retail Industry
    Victim Organization: Unknown
    Victim Site: Unknown
  33. Alleged data breach of Tunisian Ministry of Agriculture
    Category: Data Breach
    Content: The group claims to have breached the database of Tunisian Ministry of Agriculture, alleging compromise of its network infrastructure and multiple affiliated subdomains. According to the statement, the operation allegedly impacted agricultural institutes, higher education schools, research centers, and training and extension bodies, resulting in access to databases and the extraction of sensitive information, including government employee and administrator accounts as well as official email credentials linked to the ministry.
    Date: 2026-02-02T18:54:25Z
    Network: telegram
    Published URL: https://t.me/DarK07xxxxxxx/1541?single
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/73f26390-ce9f-4fe0-a4ac-b399d4d15784.jpg
    https://d34iuop8pidsy8.cloudfront.net/65596342-0174-4666-85dc-ed1ec3822949.jpg
    https://d34iuop8pidsy8.cloudfront.net/db6448d9-f077-4960-abc9-8414a6dc5d84.jpg
    Threat Actors: DARK 07x
    Victim Country: Tunisia
    Victim Industry: Government Administration
    Victim Organization: tunisian ministry of agriculture
    Victim Site: agrinet.tn
  34. Alleged leak of login credentials to Pazgas Ltd
    Category: Data Breach
    Content: The group claims to have leaked the login credentials from of Pazgas Ltd
    Date: 2026-02-02T18:50:27Z
    Network: telegram
    Published URL: https://t.me/c/1943303299/1041220
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/820a770f-73a3-4488-9083-986b9bc986f0.jpg
    Threat Actors: A K U L A v 2 . 2
    Victim Country: Israel
    Victim Industry: Energy & Utilities
    Victim Organization: pazgas ltd
    Victim Site: vpn.pazgas.co.il
  35. Alleged sale of unauthorized access to unidentified WordPress shop from Australia
    Category: Initial Access
    Content: Threat actor claims to be selling unauthorized access with hosting account control panel permissions to an unidentified WordPress shop from Australia.
    Date: 2026-02-02T18:47:44Z
    Network: openweb
    Published URL: https://forum.exploit.biz/topic/275068/
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/6229d5e1-445f-4605-9039-20404a2736fc.png
    Threat Actors: ed1n1ca
    Victim Country: Australia
    Victim Industry: E-commerce & Online Stores
    Victim Organization: Unknown
    Victim Site: Unknown
  36. Alleged Data Breach of Naturapps
    Category: Data Breach
    Content: Threat Actor claims to have breached the database of Naturapps in Spain, reportedly containing approximately 130,814 records. The exposed data allegedly consists mainly of email addresses and device/master device identifiers.
    Date: 2026-02-02T18:35:55Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-DATABASE-SPAIN-Naturapps-es-2026
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/3987d3ec-a41d-4f21-a1e2-d527758b1fea.png
    Threat Actors: IntelShadow
    Victim Country: Spain
    Victim Industry: Food & Beverages
    Victim Organization: naturapps
    Victim Site: naturapps.es
  37. Alleged Data Breach of Jagojobs
    Category: Data Breach
    Content: Threat Actor claims to have breached the database of JagoJobs in Bangladesh, exposing approximately 483,000 user employment profiles and 427,000 job seeker profiles. The first exposed dataset reportedly includes personal and professional details such as first and last names, gender, salary information, location, education level, job titles, work experience, job categories, registration dates, and system status metadata. The second dataset allegedly contains more extensive information, including full names, gender, dates of birth, parents’ names, email addresses, phone numbers, nationality, NID numbers, marital status, present and permanent addresses, current location, educational background, job level and job nature, career summaries, salary expectations, total experience, and special qualifications, indicating a large-scale exposure of sensitive employment and identity-related data.
    Date: 2026-02-02T18:34:16Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-SELLING-483k-Bangladesh-https-www-jagojobs-com-User-employment-profiles-with-salary-loc
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/83c7d106-b371-4c8d-a4a6-f5b6a72c3b58.png
    https://d34iuop8pidsy8.cloudfront.net/358503ee-bbe0-49f5-bee1-6da425cc46b6.png
    Threat Actors: Dripper
    Victim Country: Bangladesh
    Victim Industry: Staffing/Recruiting
    Victim Organization: jagojobs
    Victim Site: jagojobs.com
  38. Alleged Data Breach of Netbil Educacional
    Category: Data Breach
    Content: Threat Actor claims to have breached the database of Netbil Educacional in Brazil, allegedly exposing approximately 763,000 personal and financial records. The leaked data reportedly includes sensitive guardian and student information such as full names, dates of birth, CPF (national ID) numbers, email addresses, phone numbers, physical addresses, account credentials, and profile metadata, along with detailed financial records including outstanding balances, payment installments, transaction values, enrollment details, and internal system data.
    Date: 2026-02-02T18:28:41Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-SELLING-763k-Brazil-https-www-netbil-com-br-Personal-and-financial-records-with-SSNs-a
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/ea2d968b-7b88-4233-a362-0e146a7a6618.png
    Threat Actors: Dripper
    Victim Country: Brazil
    Victim Industry: Education
    Victim Organization: netbil educacional
    Victim Site: netbil.com.br
  39. Alleged Data Breach of Tirol Werbung GmbH
    Category: Data Breach
    Content: Threat Actor claims to have breached the database of Tirol Werbung GmbH in Austria, exposing a dataset reportedly containing approximately 183,000 regional business records. The leaked data allegedly includes business names, physical addresses, cities, postal codes, phone numbers, verified email addresses, categories, websites, social media links, ratings, reviews, and descriptive metadata, impacting a wide range of local enterprises.
    Date: 2026-02-02T18:05:18Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-SELLING-183k-Austria-https-www-tirol-at-Regional-business-and-contact-data-including-ad
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/5cbafeec-64b2-45cd-a68b-935f655cc7c6.png
    Threat Actors: Dripper
    Victim Country: Austria
    Victim Industry: Hospitality & Tourism
    Victim Organization: tirol werbung gmbh
    Victim Site: tirol.at
  40. Alleged Sale of Chinese Government Intelligence Documents
    Category: Data Breach
    Content: Threat Actor claims to be selling confidential Chinese government and military intelligence documents. The allegedly exposed data includes sensitive defense and intelligence-related information such as high-altitude long-endurance UAV systems, advanced shipborne radar technologies, upgrades to manned submersibles, unmanned and stealth measurement systems, air–surface cross-domain unmanned operations, and an intelligence analysis report focused on Taiwan’s combat strategy and development plans.
    Date: 2026-02-02T17:52:27Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-SELLING-Secret-Chinese-Government-DOCS-FOR-SALE-HOT
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/0b3bd18b-9195-4033-b49c-e1a5f8b19f6b.png
    Threat Actors: jrintel
    Victim Country: China
    Victim Industry: Government Administration
    Victim Organization: Unknown
    Victim Site: Unknown
  41. Alleged data leak of Jobnet Online Ltd.
    Category: Data Breach
    Content: The threat actor claims to have leaked login credentials from the bo.jobnet.co.il subdomain of Jobnet Online Ltd., Israel. The exposed dataset reportedly contains 639 records.
    Date: 2026-02-02T17:24:21Z
    Network: telegram
    Published URL: https://t.me/c/1943303299/1041230
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/d440b876-cf22-4b5e-82a1-d985cef7a21e.png
    Threat Actors: A K U L A v 2 . 2
    Victim Country: Israel
    Victim Industry: Staffing/Recruiting
    Victim Organization: jobnet online ltd.
    Victim Site: bo.jobnet.co.il
  42. Alleged sale of unauthorized access to Stevens Sales Company
    Category: Initial Access
    Content: The actor claims to be selling unauthorized access to 1,500+ compromised Linux systems with root permissions, primarily associated with Stevens Sales Company (SSCO), USA.
    Date: 2026-02-02T17:22:28Z
    Network: openweb
    Published URL: https://forum.exploit.biz/topic/275055/
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/d5dc2507-7d9b-42b6-8413-4981402d83aa.png
    Threat Actors: SantaAd
    Victim Country: USA
    Victim Industry: Electrical & Electronic Manufacturing
    Victim Organization: stevens sales company
    Victim Site: ssco.net
  43. Alleged Data Breach of GolfLink Pty Ltd
    Category: Data Breach
    Content: Threat Actor claims to have breached the database of GolfLink Pty Ltd in Australia, reportedly containing approximately 478,000 records of Australian golf club members. The exposed data includes comprehensive personal and membership information such as full names, dates of birth, member and GolfLink identification numbers, home club details, membership status, status points, joining and leaving dates, addresses, email addresses, landline and mobile phone numbers, and related record metadata.
    Date: 2026-02-02T17:20:12Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-SELLING-478k-Australia-https-www-golflink-com-au-Golf-club-members-data-including-pers
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/d9761d3c-b093-4528-b9e7-cefb5a229566.png
    Threat Actors: Dripper
    Victim Country: Australia
    Victim Industry: Sports
    Victim Organization: golflink pty ltd
    Victim Site: golflink.com.au
  44. Alleged Data Breach of TE Bridges
    Category: Data Breach
    Content: Threat Actor claims to have breached the database of TE Bridges in Algeria, exposing approximately 672,000 personal identity and CRM records. The leaked dataset reportedly contains around 20 data fields, including first and last names, primary phone numbers, local address details such as street, city, region, postal code, country, identity IDs, person type, record status, source system, and creation/update timestamps.
    Date: 2026-02-02T17:04:45Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-SELLING-672k-Algeria-https-www-tebridges-dz-Personal-identity-and-CRM-active-records-w
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/bdd4039c-3ab7-4655-a90f-be390d750012.png
    Threat Actors: Dripper
    Victim Country: Algeria
    Victim Industry: Information Technology (IT) Services
    Victim Organization: te bridges
    Victim Site: tebridges.dz
  45. Alleged Data Breach of DamnBruh
    Category: Data Breach
    Content: Threat Actor claims to have breached the database of DamnBruh in USA, a crypto gambling website. The exposed dataset reportedly contains approximately 30,000 user records, including user names and email addresses.
    Date: 2026-02-02T16:44:28Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-Damnbruh-com-Data-Leak-30k-Users
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/36b3235e-637c-4e4d-b859-e508a537a135.png
    Threat Actors: 6h5e46h5e4
    Victim Country: USA
    Victim Industry: Gambling & Casinos
    Victim Organization: damnbruh
    Victim Site: damnbruh.com
  46. Alleged leak of login credentials to MyHR
    Category: Initial Access
    Content: Group claims to have leaked login credentials from MyHR
    Date: 2026-02-02T16:01:28Z
    Network: telegram
    Published URL: https://t.me/c/1943303299/1041256
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/c2fa702d-16d8-42dc-b849-4af2aa89198c.jpg
    Threat Actors: A K U L A v 2 . 2
    Victim Country: Israel
    Victim Industry: Human Resources
    Victim Organization: myhr
    Victim Site: meku-app.co.il
  47. Alleged leak of login credentials to MyFax
    Category: Initial Access
    Content: The group claims to have leaked login credentials from MyFax
    Date: 2026-02-02T15:47:40Z
    Network: telegram
    Published URL: https://t.me/c/1943303299/1041263
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/087853f2-c9e6-448b-a7ea-aba577a77c63.jpg
    Threat Actors: A K U L A v 2 . 2
    Victim Country: Israel
    Victim Industry: Computer Software/Engineering
    Victim Organization: myfax
    Victim Site: myfax.co.il
  48. Alleged leak of login credentials to Israel Defense Forces
    Category: Initial Access
    Content: Group claims to have leaked login credentials from Israel Defense Forces
    Date: 2026-02-02T15:27:39Z
    Network: telegram
    Published URL: https://t.me/c/1943303299/1041269
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/3cc1d790-e690-4d41-bdcc-bf864142a0e5.jpg
    Threat Actors: A K U L A v 2 . 2
    Victim Country: Israel
    Victim Industry: Military Industry
    Victim Organization: meitav
    Victim Site: mitgaisim.idf.il
  49. Alleged leak of login credentials from NFD – Natural Food & Drink
    Category: Initial Access
    Content: Group claims to have leaked login credentials from NFD – Natural Food & Drink
    Date: 2026-02-02T15:10:23Z
    Network: telegram
    Published URL: https://t.me/c/2451084701/526458
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/54b8f0a5-c3e7-49db-bc22-86792523611f.jpg
    Threat Actors: Buscador
    Victim Country: Israel
    Victim Industry: Food & Beverages
    Victim Organization: nfd – natural food & drink
    Victim Site: nfd.co.il
  50. Cyber Attack hits Università La Sapienza
    Category: Cyber Attack
    Content: Sapienza University of Rome, one of Europe’s largest public universities, reportedly suffered a suspected cyber attack on 2 February 2026, resulting in the temporary shutdown of its public website and internal systems. As a precautionary measure, access to digital services was blocked to contain the incident. Italian cybersecurity authorities are supporting the investigation. At this stage, there is no official confirmation of data theft or ransomware deployment, and the incident remains under analysis.
    Date: 2026-02-02T14:39:45Z
    Network: openweb
    Published URL: https://roma.repubblica.it/cronaca/2026/02/02/news/sapienza_sospetto_attacco_hacker_sito_sistemi_interni_bloccati-425133317/
    Screenshots:
    None
    Threat Actors: Unknown
    Victim Country: Italy
    Victim Industry: Education
    Victim Organization: università la sapienza
    Victim Site: uniroma1.it
  51. Alleged Unauthorized Access to an Industrial HMI/PLC System in Italy
    Category: Initial Access
    Content: The group claims to have accessed an industrial HMI/PLC system in Italy, allegedly disrupting configuration and operations and causing production downtime and safety concerns.
    Date: 2026-02-02T14:37:18Z
    Network: telegram
    Published URL: https://t.me/zpentestalliance/1027
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/96dd00b5-8c65-4958-a890-a12500604a9e.png
    https://d34iuop8pidsy8.cloudfront.net/9dce3063-eb0b-433b-976e-8ea52005c840.png
    https://d34iuop8pidsy8.cloudfront.net/7beea742-9c2f-4a97-8238-45e025ed62ca.png
    Threat Actors: Z-PENTEST ALLIANCE
    Victim Country: Italy
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  52. Alleged leak of combolist from Israel
    Category: Combo List
    Content: The threat actor claims to be leaked combolists from Israel
    Date: 2026-02-02T14:14:42Z
    Network: openweb
    Published URL: https://leakbase.la/threads/leak-on-israeli.48733/
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/28d04f9f-5080-4846-b68b-05a0f079c5b8.png
    Threat Actors: soso
    Victim Country: Israel
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  53. Z-BL4CX-H4T.ID targets the website of Hashtag Biz Solutions
    Category: Defacement
    Content: The group claims to have defaced the website of Hashtag Biz Solutions.
    Date: 2026-02-02T14:03:51Z
    Network: telegram
    Published URL: https://t.me/z_bl4cx_h4t_id/52
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/77febd41-ce8c-4f88-ae36-62756cf53803.png
    Threat Actors: Z-BL4CX-H4T.ID
    Victim Country: USA
    Victim Industry: Information Technology (IT) Services
    Victim Organization: hashtag biz solutions
    Victim Site: hashtagbizsolutions.com
  54. Alleged data breach of Government Portal of the Republic of Uzbekistan
    Category: Data Breach
    Content: The threat actor claims to have breached the data of Government Portal of the Republic of Uzbekistan, allegedly including Userid, Name, Address, Birthday, Phone, Email and Passport Number.
    Date: 2026-02-02T13:54:07Z
    Network: openweb
    Published URL: https://darkforums.io/Thread-DATABASE-UZ-Uzbekist0n-Government-Diaries
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/3369073b-92c6-45f1-a4f9-66f6a7550ed1.JPG
    https://d34iuop8pidsy8.cloudfront.net/76e2a2d2-a095-4f50-aca8-90f198d67137.JPG
    https://d34iuop8pidsy8.cloudfront.net/7beae7a7-0200-43e8-9d80-dc634d33187a.JPG
    Threat Actors: ByteToBreach
    Victim Country: Uzbekistan
    Victim Industry: Government Administration
    Victim Organization: government portal of the republic of uzbekistan
    Victim Site: gov.uz
  55. Alleged Data Leak of BigPond
    Category: Data Breach
    Content: Threat Actor claims to have leaked the database of BigPond.The compromised data includes personal information, including names, phone numbers, and addresses.
    Date: 2026-02-02T13:00:07Z
    Network: openweb
    Published URL: https://leakbase.la/threads/bigpond-130k-leak.48730/
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/d5ff860a-ccfc-4e3d-9bfd-4548f9c39194.png
    Threat Actors: Yuzaoka1.0
    Victim Country: Australia
    Victim Industry: Network & Telecommunications
    Victim Organization: bigpond
    Victim Site: bigpond.com
  56. Allege data leak of Shoval Engineering and Construction Ltd
    Category: Data Breach
    Content: The group claims to have leaked user login credentials belongs to Shoval Engineering and Construction Ltd.
    Date: 2026-02-02T12:18:01Z
    Network: telegram
    Published URL: https://t.me/c/2451084701/524835
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/34e8f611-63d2-4b62-8efb-153f66d79b25.jpg
    Threat Actors: Buscador
    Victim Country: Israel
    Victim Industry: Civil Engineering
    Victim Organization: shoval engineering and construction ltd
    Victim Site: shovali.co.il
  57. Alleged data leak of Bezeq Welfare Association
    Category: Data Breach
    Content: The group claims to have leaked data from Bezeq Welfare Association.
    Date: 2026-02-02T12:07:26Z
    Network: telegram
    Published URL: https://t.me/c/2451084701/523035
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/7a83b8bd-ead4-452e-b4f2-3e1bff38ace3.png
    Threat Actors: Buscador
    Victim Country: Israel
    Victim Industry: Non-profit & Social Organizations
    Victim Organization: bezeq welfare association
    Victim Site: b-kef.co.il
  58. Alleged unauthorized admin access to Pharmashopi
    Category: Initial Access
    Content: The group claims to have gained unauthorized admin Pharmashopi.
    Date: 2026-02-02T11:52:20Z
    Network: telegram
    Published URL: https://t.me/InDoM1nusTe4m/89
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/8b2c6d39-ffb0-4217-a4e3-e03241600d6d.png
    Threat Actors: InDoM1nuS Team
    Victim Country: France
    Victim Industry: Health & Fitness
    Victim Organization: pharmashopi
    Victim Site: pharmashopi.com
  59. NationStates Suffers Data Breach
    Category: Data Breach
    Content: NationStates, a long-running browser-based multiplayer game, confirmed that it suffered a data breach that forced its website offline after an unauthorized individual exploited a vulnerability in a recently introduced feature to gain remote code execution and copy both application code and user data from the production server. The breach occurred after a player reporting a bug exceeded authorized boundaries, and although they later claimed to have deleted the copied data, the site can’t verify that, so systems were taken down for investigation and a full rebuild while authorities were notified. The exposed information is believed to include email addresses, obsolete MD5 password hashes, IP addresses, and browser user agent strings, and NationStates expects the site to be restored after several days once security audits and enhancements are completed.
    Date: 2026-02-02T11:31:35Z
    Network: openweb
    Published URL: https://www.bleepingcomputer.com/news/security/nationstates-confirms-data-breach-shuts-down-game-site/
    Screenshots:
    None
    Threat Actors: Unknown
    Victim Country: Australia
    Victim Industry: Gaming
    Victim Organization: nationstates
    Victim Site: nationstates.net
  60. Alleged unauthorized access to Air Canada
    Category: Initial Access
    Content: The group claims to have gained unauthorized aeronet portal access to Air Canada.
    Date: 2026-02-02T11:24:03Z
    Network: telegram
    Published URL: https://t.me/FsckAroundFindOut/212
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/85df0303-ad82-4419-a695-5b8820de016d.jpg
    Threat Actors: scattered LAPSUS$ hunters 7.0
    Victim Country: Canada
    Victim Industry: Airlines & Aviation
    Victim Organization: air canada
    Victim Site: aircanada.com
  61. Alleged data breach of PMJ Jewels
    Category: Data Breach
    Content: The threat actor claims to have breached data of PMJ Jewels, allegedly including id, name , email, phone number and event name.
    Date: 2026-02-02T11:06:24Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-DATABASE-PMJ-Jewels
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/f4267642-b3ea-4441-b2c5-90e2da147b13.JPG
    Threat Actors: anfeng10
    Victim Country: India
    Victim Industry: Luxury Goods & Jewelry
    Victim Organization: pmj jewels
    Victim Site: pmjjewels.com
  62. AN0M949_GHOST_TRACK targets the website of Just A Little Bite Recipe
    Category: Defacement
    Content: The group claims to have defaced the website of Just A Little Bite RecipeNB: The authenticity of the post is yet to be verified.
    Date: 2026-02-02T11:05:03Z
    Network: telegram
    Published URL: https://t.me/CyaberGhost/565
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/12301618-3dd2-4ee1-a955-7d91c09df4d2.png
    Threat Actors: AN0M949_GHOST_TRACK
    Victim Country: USA
    Victim Industry: Food Production
    Victim Organization: just a little bite recipe
    Victim Site: justalittlebiterecipe.com
  63. AN0M949_GHOST_TRACK targets the website of Swefty Recipes
    Category: Defacement
    Content: The group claims to have defaced the website of Swefty Recipes.
    Date: 2026-02-02T10:45:11Z
    Network: telegram
    Published URL: https://t.me/CyaberGhost/564
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/dcb9a86c-903d-4036-934f-1dbac802403d.png
    Threat Actors: AN0M949_GHOST_TRACK
    Victim Country: USA
    Victim Industry: Food Production
    Victim Organization: swefty recipes
    Victim Site: sweftyrecipes.com
  64. Alleged data breach of SplitFrost
    Category: Data Breach
    Content: The threat actor claims to have breached 40306 rows of data of the organisation, allegedly including login activity, date of change, First name, Last name, e-mail, last authorization, ID
    Date: 2026-02-02T10:44:17Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-DATABASE-splitfrost-ru-2015-2024
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/aa236b45-b062-40e9-b715-380577f7d56a.JPG
    Threat Actors: c0mmandor
    Victim Country: Russia
    Victim Industry: E-commerce & Online Stores
    Victim Organization: splitfrost
    Victim Site: splitfrost.ru
  65. Alleged data breach of furnitureandrepairs.com
    Category: Data Breach
    Content: The threat actor claims to have breached data of Furniture & Repairs Inc., allegedly including Name, Mail, Phone number, Cell phone, Address and more. The leaked data is from 2018-2021
    Date: 2026-02-02T10:30:01Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-DATABASE-furnitureandrepairs-com-orders-2018-2021
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/5aa52d91-6a0c-47d9-81f0-abd022faec80.JPG
    Threat Actors: c0mmandor
    Victim Country: USA
    Victim Industry: Furniture
    Victim Organization: furniture & repairs inc.
    Victim Site: furnitureandrepairs.com
  66. Alleged sale of Datura Stealer
    Category: Malware
    Content: Threat actor claims to be selling Datura Stealer, a web based stealer for all browsers. Formerly known as Blitzed Grabber, Datura brings you the real best advanced, powerful and undetected private web-based dashboard.
    Date: 2026-02-02T09:20:14Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-MALWARE-Datura-Runtime-Scantime-FUD-Web-based-Stealer-All-Browsers-V20
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/a56790e7-89f5-47a2-999b-f14c0710fa50.JPG
    https://d34iuop8pidsy8.cloudfront.net/fa5ac320-6a96-4717-91e2-31e4c1bab1f9.JPG
    Threat Actors: heistwtf
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  67. Alleged data breach of Scantibodies Laboratory, Inc.
    Category: Data Breach
    Content: The group claims to have breached data from Scantibodies Laboratory, Inc.
    Date: 2026-02-02T09:13:17Z
    Network: telegram
    Published URL: https://t.me/c/3470684086/386
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/9434e011-4df9-47fd-a791-e810e63fe25a.png
    Threat Actors: RED EYES
    Victim Country: USA
    Victim Industry: Biotechnology
    Victim Organization: scantibodies laboratory, inc.
    Victim Site: scantibodies.com
  68. Alleged sale of admin access to Forest Management Technical Personnel Information System
    Category: Initial Access
    Content: The group claims to be selling unauthorized admin access to Forest Management Technical Personnel Information System.
    Date: 2026-02-02T09:01:29Z
    Network: telegram
    Published URL: https://t.me/c/3510524712/77
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/b19016f5-1b00-48a1-bab0-6e1d1b79dc76.png
    Threat Actors: Information Draghel01
    Victim Country: Indonesia
    Victim Industry: Government Administration
    Victim Organization: forest management technical personnel information system
    Victim Site: siganishut.phl.kehutanan.go.id
  69. Alleged data breach of the National Assembly
    Category: Data Breach
    Content: The threat actor claims to have breached the data of 127 individual members of the National Assembly, allegedly containing email addresses, telephone numbers, and other contact information.
    Date: 2026-02-02T08:58:14Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-DATABASE-French-National-Assembly-Members-Contact-Info
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/a27dca92-61d2-47cc-a875-a13853540cab.png
    Threat Actors: eqthy5484esr44
    Victim Country: France
    Victim Industry: Government Administration
    Victim Organization: national assembly
    Victim Site: assemblee-nationale.fr
  70. Alleged data breach of Distron Corporation
    Category: Data Breach
    Content: The group claims to have obtained data from RMGA.
    Date: 2026-02-02T06:11:41Z
    Network: tor
    Published URL: http://nleakk6sejx45jxtk7x6iyt65hwvfrkifc5v7ertdlwm3gttbpvlvxqd.onion/view_article.php?article=ZNlJTUCUr18t5jo41YmauCKY8z8cID3IlJZiMYcnW4P2HSzrlXUBZjBv6yRE5zGi
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/0f48eb0a-9a04-4c4b-8381-059cc806be15.png
    Threat Actors: Leaknet
    Victim Country: USA
    Victim Industry: Electrical & Electronic Manufacturing
    Victim Organization: distron corporation
    Victim Site: distron.com
  71. Alleged Sale of unauthorized admin access to unidentified Multiple shops in USA
    Category: Initial Access
    Content: Threat actor claims to be selling unauthorized admin access to an unidentified Multiple online shop in USA.
    Date: 2026-02-02T05:41:38Z
    Network: openweb
    Published URL: https://forum.exploit.in/topic/275016/
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/bad62968-fe84-4436-ae8a-87072f59f2d6.png
    Threat Actors: Reve
    Victim Country: USA
    Victim Industry: E-commerce & Online Stores
    Victim Organization: Unknown
    Victim Site: Unknown
  72. Alleged sale of admin access to unidentified shop in Greece
    Category: Initial Access
    Content: Threat actor claims to be selling unauthorized admin access to an unidentified online shop in Greece.
    Date: 2026-02-02T05:12:05Z
    Network: openweb
    Published URL: https://forum.exploit.in/topic/275015/
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/f3aa58a2-c436-447d-9052-f2f18ec67894.png
    Threat Actors: Reve
    Victim Country: Greece
    Victim Industry: E-commerce & Online Stores
    Victim Organization: Unknown
    Victim Site: Unknown
  73. Alleged Data Breach of Pegawai Negeri Sipil Bogor
    Category: Data Breach
    Content: The threat actor claims to breached the database of Pegawai Negeri Sipil Bogor, the dataset with a total size of 1.7 GB.
    Date: 2026-02-02T05:07:50Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-DATABASE-DATABASE-FULL-PNS-BOGOR
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/2dc8441e-9ccd-4503-a8d9-707e583d808c.png
    Threat Actors: SangMaestroBOGOR
    Victim Country: Indonesia
    Victim Industry: Government Administration
    Victim Organization: pegawai negeri sipil bogor
    Victim Site: Unknown
  74. HellR00ters Team targets the website of V Celu dogaja
    Category: Defacement
    Content: The group claims to have defaced the website of V Celu dogaja
    Date: 2026-02-02T05:03:15Z
    Network: telegram
    Published URL: https://t.me/c/2758066065/952
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/5006684a-587d-4ee6-8283-a7378fc40d4d.png
    Threat Actors: HellR00ters Team
    Victim Country: Slovenia
    Victim Industry: Events Services
    Victim Organization: v celu dogaja v
    Victim Site: cele.si
  75. Alleged Sale of MetaCold Crypto Hidden Contracts Checker
    Category: Malware
    Content: Threat actor claims to be selling MetaCold, a crypto analysis tool designed to identify hidden balances and contracts across EVM-compatible blockchains. The software reportedly analyzes wallet activity and contract interactions to surface potential hidden balances not visible through common analytics platforms.
    Date: 2026-02-02T04:45:25Z
    Network: openweb
    Published URL: https://forum.exploit.in/topic/275017/
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/a171c19f-b5bd-4510-84f9-6fe7814c84d5.png
    https://d34iuop8pidsy8.cloudfront.net/5cc9f143-1556-41a3-a75c-163a535102a1.png
    Threat Actors: MetaCold
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  76. Alleged Data Breach of Canadian International College
    Category: Data Breach
    Content: The threat actor claims to have breached Canadian International College database.
    Date: 2026-02-02T04:28:30Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-DATABASE-Egypt-Canadian-International-college-Students-data
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/474f64e5-00f5-4b08-ac63-b707b245e608.png
    Threat Actors: CrowStealer
    Victim Country: Egypt
    Victim Industry: Higher Education/Acadamia
    Victim Organization: canadian international college
    Victim Site: Unknown
  77. HellR00ters Team targets the website of Blueyes Discover
    Category: Defacement
    Content: The claims to have defaced the website of Blueyes Discover
    Date: 2026-02-02T04:22:36Z
    Network: telegram
    Published URL: https://t.me/c/2758066065/952
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/176701eb-c803-4391-95f9-3874b351a6d9.png
    Threat Actors: HellR00ters Team
    Victim Country: Pakistan
    Victim Industry: Leisure & Travel
    Victim Organization: blueyes discover
    Victim Site: blueyesdiscover.com
  78. Alleged data breach of Ministry of Finance (Hacienda)
    Category: Data Breach
    Content: The threat actor claims to have leaked data from Ministry of Finance (Hacienda). The compromised data reportedly contain 47.3 million records including ID, DNI/NIF, Full name, Street type, Address, Address details, Postal code, Province, Municipality, Town, Country code, Telephone, IBAN, Contact Email, Last collected, Total collection
    Date: 2026-02-02T03:50:25Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-DATABASE-Spain-Hacienda-gob-Database-2026
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/97547516-a45b-4050-b4ba-769a237088d2.png
    https://d34iuop8pidsy8.cloudfront.net/7b17d1b8-0e3f-4e6e-b94a-765cff3ea115.png
    Threat Actors: HaciendaSec
    Victim Country: Spain
    Victim Industry: Government Administration
    Victim Organization: ministry of finance (hacienda)
    Victim Site: hacienda.gob.es
  79. BABAYO EROR SYSTEM targets the website of National Institute for Fisheries Research
    Category: Defacement
    Content: The group claims to have defaced the website of National Institute for Fisheries Research
    Date: 2026-02-02T03:49:46Z
    Network: telegram
    Published URL: https://t.me/c/3664625363/97
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/189ac11b-9625-4ac5-9ddb-2e7e6948192b.png
    Threat Actors: BABAYO EROR SYSTEM
    Victim Country: Mozambique
    Victim Industry: Government Administration
    Victim Organization: national institute for fisheries research
    Victim Site: mail.inip.gov.mz
  80. HellR00ters Team targets the website of Apartmaji REGINA
    Category: Defacement
    Content: The group claims to have defaced the website of Apartmaji REGINA.
    Date: 2026-02-02T03:48:34Z
    Network: telegram
    Published URL: https://t.me/c/2758066065/952
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/4bfdfa83-dccd-4645-87c7-86388e7f53de.png
    Threat Actors: HellR00ters Team
    Victim Country: Slovenia
    Victim Industry: Hospitality & Tourism
    Victim Organization: apartmaji regina
    Victim Site: apartmani-vinodolski.com
  81. BABAYO EROR SYSTEM targets the website of NaamX Solutions
    Category: Defacement
    Content: The group claims to have defaced the website of NaamX Solutions
    Date: 2026-02-02T03:47:06Z
    Network: telegram
    Published URL: https://t.me/c/3664625363/98
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/95da4458-7c34-448a-aed2-bb768b07e984.png
    Threat Actors: BABAYO EROR SYSTEM
    Victim Country: Pakistan
    Victim Industry: Information Technology (IT) Services
    Victim Organization: naamx solutions
    Victim Site: na.naamx.com
  82. HellR00ters Team targets the website of Apartmani MARICA
    Category: Defacement
    Content: The group claims to have defaced the website of Apartmani MARICA.
    Date: 2026-02-02T03:45:47Z
    Network: telegram
    Published URL: https://t.me/c/2758066065/952
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/f1768504-6595-4b67-8153-69a2999e4f59.png
    Threat Actors: HellR00ters Team
    Victim Country: Croatia
    Victim Industry: Hospitality & Tourism
    Victim Organization: apartmani marica
    Victim Site: apartmani-sevid.com
  83. Alleged sale of unauthorized admin access to Gran Quina de Nadal
    Category: Initial Access
    Content: The threat actor claims to have selling unauthorized admin access to Gran Quina de Nadal
    Date: 2026-02-02T03:38:24Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-SPAIN-granquinadenadal-cat-PORTAL-CREDENTIALS
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/b64aa570-40ad-4f6f-ac86-02d6d0256a52.png
    https://d34iuop8pidsy8.cloudfront.net/69fbfc61-eca5-4c4d-b37b-baafde7c1c05.png
    Threat Actors: IntelShadow
    Victim Country: Spain
    Victim Industry: Gaming
    Victim Organization: gran quina de nadal
    Victim Site: portal.granquinadenadal.cat
  84. HellR00ters Team targets the website of A2S zavarovanje
    Category: Defacement
    Content: The group claims to have defaced the website of A2S zavarovanje.
    Date: 2026-02-02T03:36:26Z
    Network: telegram
    Published URL: https://t.me/c/2758066065/952
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/3dca25a7-a63d-4389-91d1-7747f1221621.png
    Threat Actors: HellR00ters Team
    Victim Country: Slovenia
    Victim Industry: Insurance
    Victim Organization: a2s zavarovanje
    Victim Site: a2s-zavarovanje.si
  85. Alleged data breach of Universarium
    Category: Data Breach
    Content: The threat actor claims to have leaked data belonging to Universarium from 2019.. The compromised data reportedly includes id, full name, email, phone mobile, username, status
    Date: 2026-02-02T03:35:22Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-Clients-of-Russian-banks-2018
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/f7d15a72-2c56-4f76-aab3-e1a8fb36f41b.png
    Threat Actors: c0mmandor
    Victim Country: Russia
    Victim Industry: Education
    Victim Organization: universarium
    Victim Site: universarium.ru
  86. Alleged data breach of Vietnam Post (VNPost)
    Category: Data Breach
    Content: The threat actor claims to have leaked data from Vietnam Post (VNPost). The compromised data reportedly includes Customer name, Phone number, Shipping address, Sale and confirmation dates, Invoice ID
    Date: 2026-02-02T02:54:32Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-DATABASE-VIETNAM-VNPOST-REAL-TIME-SHOPPING-DATABASE
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/96276cb1-d037-4dba-8d89-d65c3c0e8fa7.png
    Threat Actors: CaoMa
    Victim Country: Vietnam
    Victim Industry: Transportation & Logistics
    Victim Organization: vietnam post (vnpost)
    Victim Site: vietnampost.vn
  87. Alleged Data Breach of San Juan Health
    Category: Data Breach
    Content: The threat actor claims to have breached the San Juan Health database, the dataset includes filenames include patients’ full names and system identifiers.
    Date: 2026-02-02T02:41:44Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-San-Juan-Andes-Health-Patient-Photos-Full-Names-Identified
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/3a80e192-7faa-4dd0-a570-1d7141daf1be.png
    Threat Actors: ByteHunter
    Victim Country: Argentina
    Victim Industry: Healthcare & Pharmaceuticals
    Victim Organization: san juan health
    Victim Site: andes.sanjuan.gob.ar
  88. HellR00ters Team targets the website of jeklenka.si
    Category: Defacement
    Content: The group claims to have defaced the website of jeklenka.si
    Date: 2026-02-02T02:21:09Z
    Network: telegram
    Published URL: https://t.me/c/2758066065/952
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/5f505fbf-9ab6-43f6-be02-12211dbaa557.png
    Threat Actors: HellR00ters Team
    Victim Country: Slovenia
    Victim Industry: Unknown
    Victim Organization: jeklenka
    Victim Site: jeklenka.si
  89. Alleged data breach of Lawrence Livermore National Laboratory
    Category: Data Breach
    Content: The group claims to have breached data of Lawrence Livermore National Laboratory in US. The compromised data reportedly includes millions of video clips more than 15 terabytes of sensitive data documents and files encompassing millions of images, engineering and technical blueprints and classified internal video recordings and footage
    Date: 2026-02-02T02:21:05Z
    Network: telegram
    Published URL: https://t.me/n2LP_wVf79c2YzM0/3542
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/bd19b079-e935-45c6-982a-fb0901897ae6.png
    https://d34iuop8pidsy8.cloudfront.net/f361bf4f-c975-4f60-a8a5-835efd34c844.png
    Threat Actors: Infrastructure Destruction Squad
    Victim Country: USA
    Victim Industry: Research Industry
    Victim Organization: lawrence livermore national laboratory
    Victim Site: llnl.gov
  90. Alleged Data Breach of Topdirectas
    Category: Data Breach
    Content: The threat actor claims to have breached the database of Topdirectas, the dataset includes schema description, plaintext sample of records, and indicates direct access to user registration data.
    Date: 2026-02-02T02:00:35Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-DATABASE-SPAIN-topdirectas-ucoz-es
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/a262315e-ab58-4d38-8352-c93c03ca2b5c.png
    Threat Actors: IntelShadow
    Victim Country: Spain
    Victim Industry: Media Production
    Victim Organization: topdirectas
    Victim Site: topdirectas.ucoz.es
  91. DEFACER INDONESIAN TEAM targets the website of EventON
    Category: Defacement
    Content: The group claims to have defaced the website of EventON
    Date: 2026-02-02T00:58:10Z
    Network: telegram
    Published URL: https://t.me/c/2433981896/823
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/12e5d686-0c4e-4958-9e3d-f8b4bfeeb8b1.png
    Threat Actors: DEFACER INDONESIAN TEAM
    Victim Country: USA
    Victim Industry: Software Development
    Victim Organization: eventon
    Victim Site: dev0.myeventon.com
  92. Alleged Databreach of Ministerio De Ciencia e Innovación
    Category: Data Breach
    Content: The threat actor claims to have breached the database of Ministerio De Ciencia e Innovación, the actor alleges full administrative-level access and describes a data exfiltration capability.
    Date: 2026-02-02T00:57:06Z
    Network: openweb
    Published URL: https://darkforums.io/Thread-DATABASE-Spain-s-Ministry-of-Universities-High-severity-vuln-full-access-data-exfil-method
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/18684047-3c3b-4391-8025-9c18ad77cf37.png
    https://d34iuop8pidsy8.cloudfront.net/f76d8b31-142d-4cd5-960c-f32ecc7324f7.png
    https://d34iuop8pidsy8.cloudfront.net/93c4a635-4a94-45e9-9202-7e78b7ac3fc7.png
    Threat Actors: GordonFreeman
    Victim Country: Spain
    Victim Industry: Government Administration
    Victim Organization: ministerio de ciencia e innovación
    Victim Site: ciencia.gob.es
  93. Alleged data breach of Nissan Baleares
    Category: Data Breach
    Content: The threat actor claims to have breached the database of Nissan Baleares; the credentials grant access to the client portal used for employee clothing orders and billing management.
    Date: 2026-02-02T00:03:28Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-SPAIN-clientes-modyf-es-NISSAN-BALEARES-CREDENTIALS
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/3066758a-81d5-4d72-a1cf-3369130ba1dd.png
    Threat Actors: IntelShadow
    Victim Country: Spain
    Victim Industry: Automotive
    Victim Organization: nissan baleares
    Victim Site: nissanbaleares.com

Related Posts