1. Executive Summary
This report provides a comprehensive analysis of cybersecurity incidents detected over a 24-hour period on February 3, 2026. The data indicates a volatile global threat landscape characterized by a high volume of data breaches, unauthorized access sales, and targeted defacement campaigns. The monitoring period recorded a significant surge in activity across multiple geopolitical theaters and industrial sectors. A primary driver of this activity was the threat actor A K U L A v 2, who orchestrated a widespread campaign targeting government, educational, and telecommunications sectors across the Middle East, specifically focusing on Iran, Israel, Iraq, and the UAE. Simultaneously, the Indonesian education sector faced a concentrated defacement campaign by the group BABAYO EROR SYSTEM, targeting numerous special needs schools.
Critical infrastructure remains a priority target. Alarming claims regarding unauthorized access to SCADA/HMI systems in the USA, Italy, Israel, and Australia suggest a potential escalation in operational technology (OT) threats. Furthermore, high-profile entities such as the Central Intelligence Agency (CIA) and Lawrence Livermore National Laboratory were allegedly targeted or breached, indicating that threat actors are emboldened to strike significantly hardened targets.
The commercialization of stolen data continues unabated on dark web forums. Large-scale datasets from Japan, Germany, and India—ranging from travel records to business directories—were listed for sale by actors such as Dripper.
This report details these incidents, categorizing them by threat vector, geography, and sector, to provide actionable intelligence on the current security posture of global organizations.
2. Geopolitical Threat Landscape
The incidents observed on February 3, 2026, reveal distinct geopolitical fault lines. The data suggests that cyber operations are increasingly mirroring regional tensions, particularly in the Middle East and Asia.
2.1 The Middle East Cyber Front
The most prolific activity was observed in the Middle East, driven largely by the threat actor A K U L A v 2. This actor’s operational tempo was exceptionally high, executing a “hack-and-leak” strategy focused on credential theft.
- Iran: The primary target of this campaign was Iran. Victims included Semnan University, Shiraz University of Medical Sciences, Soroush Plus messenger, and the Mohaymen ICT Group. The breadth of targets—ranging from academia to secure communications and IT services—suggests a systematic effort to destabilize or embarrass Iranian infrastructure. Further breaches included Islamic Azad University, Omidnetco, and Pasargad Insurance Company.
- Israel: Simultaneously, Israel faced significant targeting. The same actor, A K U L A v 2, claimed leaks against Statistics (education), Kali Group Insurance, and Israel Aerospace Industries, a major defense contractor. Another group, Cyber 4vengers, claimed access to Israeli water control infrastructure, a critical escalation point.
- The Gulf States & Iraq: The campaign extended to neighboring nations. In Iraq, the Ministry of Oil and Iraqi Airways were targeted. In the UAE, the Ministry of Education’s email platform was breached. Kuwait’s Ministry of Defense and Oman’s Ministry of Defence also saw alleged credential leaks.
This pattern indicates a regional cyber conflict where state institutions are the primary prey, likely for espionage or psychological warfare purposes.
2.2 Southeast Asia: Defacement and Data Theft
Indonesia featured heavily in the dataset, but the nature of the attacks differed from the Middle East.
- Defacement Wave: A specific actor, BABAYO EROR SYSTEM, launched a mass defacement campaign against Indonesian schools, specifically “SLB” (Sekolah Luar Biasa) or special needs schools. While technically unsophisticated, the volume of these attacks disrupts local services and highlights vulnerability in the education sector’s web infrastructure.
- Data Brokerage: Indonesia was also a source of commercial data leaks. The Fuel Distributor Database involving over 6,500 entities was leaked by actor AYYUBI, along with data from Toyota Bali Fair.
2.3 Western Nations: High-Value Espionage and Commerce
Attacks in the USA and Europe were characterized by high-value targets and large commercial data sales.
- USA: The Lawrence Livermore National Laboratory, a key research facility, was the subject of a massive 15 TB data breach claim by the Infrastructure Destruction Squad. Additionally, access to SCADA systems and college software suites was put up for sale.
- Europe: France saw breaches in government recruitment (Choisir le service public) and IT services. Germany saw a massive leak of citizen data (1.68 million records) and business directories.
3. Sector Analysis
3.1 Critical Infrastructure and Operational Technology (OT)
Perhaps the most alarming trend in this report is the recurring sale of unauthorized access to industrial control systems. These systems manage physical processes, and their compromise can lead to kinetic damage.
- Water & Irrigation:
  - Israel: Unauthorized access to water control infrastructure was claimed by Cyber 4vengers.
  - Australia: Access to an irrigation management system was claimed, with the threat actor noting the ability to modify pump configurations and disable alarms.
- Energy & Heating:
  - Italy: A heating control panel was allegedly compromised, with actors claiming full administrative access to the HMI/SCADA system, allowing for the manipulation of combustion operations.
  - USA: General SCADA/HMI system access was offered for sale.
- Oil & Gas:
  - Indonesia: A database of 6,569 fuel distribution entities was leaked.
  - Iraq: Login credentials for the Iraqi Ministry of Oil were leaked.
Analysis: The specific mention of modifying “PID controller parameters” and “disabling alarms” indicates a sophisticated understanding of OT environments. These are not merely IT breaches; they are potential preludes to physical sabotage.
3.2 Government and Defense
Government entities remain the “apex predators” of targets for hacktivists and state-aligned actors.
- Defense:
  - USA: The Lawrence Livermore National Laboratory breach involves 15 TB of data, including engineering blueprints and classified video.
  - Israel: Israel Aerospace Industries credentials were leaked.
  - Kuwait & Oman: Both nations saw their Ministries of Defense targeted.
  - Spain: The National Police (Cuerpo Nacional de Policía) suffered a breach of their PKI Directory, exposing Certificate Revocation Lists and root certificates. This is a severe cryptographic security failure.
- Intelligence:
  - USA: The group DieNet announced targeting of the CIA.
  - Iran: An IAEA document related to Iran was allegedly leaked.
3.3 Education
The education sector is a soft target, often lacking the budget for enterprise-grade security, yet holding vast amounts of PII.
- Universities: Massive breaches affected Semnan University (Iran), Tuwaiq Academy (Saudi Arabia), Shiraz University of Medical Sciences (Iran), and Islamic Azad University (Iran).
- Defacement: As noted, Indonesian special needs schools (SLB) were systematically defaced.
- Commercial Sales: Access to a “USA College Software Suite” was sold, granting root access.
3.4 Finance and Insurance
Financial institutions face constant pressure from motivated criminal actors seeking immediate monetization.
- Banking & Payments: PRESTA Bank transfer data in Poland was leaked. Credentials for Kali Group Insurance in Israel were exposed.
- Network Access: Access to a Chinese financial organization and a Ukrainian accounting firm was sold, offering root RCE.
- Insurance: Pasargad Insurance (Iran) and Serlefin (Colombia) were breached, exposing customer billing and medical data.
4. Threat Actor Profiles
Understanding the adversary is key to defense. The following profiles are based on the activity observed on February 3, 2026.
4.1 A K U L A v 2
- Primary Motivation: Geopolitical Hacktivism / State-Alignment.
- Target Region: Middle East (Iran, Israel, Iraq, Gulf States).
- Tactics: Credential harvesting and leaking (likely via phishing or infostealer logs).
- Key Incidents: Leaked credentials for Semnan University, Shiraz University, Ministry of Defense Oman, and Israel Aerospace Industries.
- Assessment: This actor is highly prolific, favoring volume over depth. They likely utilize automated tools to harvest credentials and publish them on Telegram to cause reputational damage and disruption.
4.2 BABAYO EROR SYSTEM
- Primary Motivation: Defacement / Reputation / Vandalism.
- Target Region: Indonesia.
- Target Sector: Education (specifically Special Needs Schools).
- Tactics: Website Defacement.
- Key Incidents: Defaced SLB Santa Mulia Surabaya, SLB PH Malang, and others.
- Assessment: This group appears to be a “script kiddie” or lower-sophistication collective. Their focus on educational institutions suggests they are exploiting known CMS vulnerabilities (like WordPress or Joomla) rather than conducting sophisticated intrusions.
4.3 miyako
- Primary Motivation: Financial / Initial Access Broker (IAB).
- Target Region: Global (China, USA, Ukraine, Asia).
- Tactics: Selling root-level network access.
- Key Incidents: Selling access to: Largest Real Estate Developer in Asia, USA College Software Suite, China Luxury Jewelry Company, and USA Electronic Manufacturer.
- Assessment: miyako is a dangerous Initial Access Broker. They do not just sell data; they sell the keys to the castle—specifically Linux-based firewalls with root RCE and shell capabilities. This suggests they are exploiting a specific 0-day or N-day vulnerability in a widely used firewall appliance.
4.4 Dripper
- Primary Motivation: Financial / Data Brokerage.
- Target Region: Global (Germany, Malaysia, Japan, Ireland, India).
- Tactics: Bulk data sales.
- Key Incidents: Selling datasets from Wer liefert was (Germany), Mayflower (Malaysia), Sportsentry (Japan), and Clubforce (Ireland).
- Assessment: Dripper operates as a classic data wholesaler, aggregating large scrapings or database dumps and selling them on forums like BreachForums. The diversity of their targets indicates they are likely reselling data obtained from other breaches or widespread scraping operations.
4.5 Infrastructure Destruction Squad
- Primary Motivation: Sabotage / High-Level Espionage.
- Target Region: USA.
- Key Incidents: Alleged 15 TB breach of Lawrence Livermore National Laboratory.
- Assessment: The name implies a destructive intent. If their claim of possessing 15 TB of blueprints and classified video is true, this represents a Tier-1 national security incident.
5. Detailed Incident Catalog
The following section categorizes the raw incident data for closer examination.
5.1 Data Breaches (General)
The volume of data breaches remains the highest category of incidents.
- Social Media:
  - Haijiao (China): 15.7 million records from an adult forum were leaked, including hashed passwords and phone numbers.
  - Brazzers (Canada): A dataset from the adult platform was shared.
- Government & Public Sector:
  - Germany: A massive database of 1.68 million citizens was listed for sale.
  - Dominican Republic: Citizen data including “cedula” (ID) and blood type was leaked.
  - South Africa: Municipal Money suffered a breach of 73 million rows (likely historical data resurfacing).
- Retail & Commerce:
  - Australia: An unidentified furniture company with $5M revenue had 48,000 leads exposed.
  - Indonesia: Bhinneka, a major e-commerce site, had user credentials sold.
  - India: ClickIndia user data (742k records) was put up for sale.
5.2 Initial Access Sales
Access brokers are the precursors to ransomware attacks.
- USA: Access to IT networks via port 8040 was auctioned.
- Indonesia: Shell access to SieradMU and Plantation & Mill Management System was sold by actor Gugugaga.
- Denmark: Unauthorized access to a beauty salon.
5.3 Malware and Tools
- WaveShield Server Logs: Logs containing IP addresses and Discord IDs were leaked.
- Lazarus Botnet: Access details for the “LAZARUS” botnet, including C2 credentials, were leaked.
- Network Target Finder: A tool for discovering admin panels and vulnerable WordPress sites was listed for sale.
5.4 Defacement
- Tunisia: Innovative Display Concept was defaced by DARK 07x.
- Bangladesh: Independent University and Fashitala B.L High School were targeted by KINGSMAN INDIA.
- UAE: Industrialist.ae was defaced by Volcaryx1337.
6. Emerging Threat Vectors and Recommendations
6.1 Vector: Firewall Vulnerabilities
Observation: The actor miyako is selling access to Linux-based firewalls with “root RCE” across multiple disparate industries (Real Estate, Education, Manufacturing). Implication: This strongly suggests the exploitation of a specific, unpatched vulnerability in a common firewall appliance or VPN concentrator. Recommendation: Organizations must immediately audit their perimeter security devices. Specifically, verify patch levels on Linux-based appliances (e.g., Fortinet, Palo Alto, Cisco) and look for indicators of compromise such as unauthorized root shells or unfamiliar admin accounts.
6.2 Vector: Supply Chain and Third-Party Risk
Observation: The breach of Kroll related to FTX bankruptcy claims highlights how third-party administrators are critical choke points. Attackers bypassed internal safeguards to access sensitive financial claimant data. Implication: Even if a primary organization is secure, their legal or financial partners may not be. Recommendation: Implement strict third-party risk management (TPRM). Mandate multi-factor authentication (MFA) enforcement for all external partners accessing sensitive data.
6.3 Vector: OT/SCADA Insecurity
Observation: Multiple claims of access to water, heating, and irrigation systems. Implication: These systems often lack modern security controls and are increasingly connected to the internet. Recommendation: Air-gap critical OT networks where possible. If connectivity is required, use strict unidirectional gateways. Monitor network traffic for anomalous commands (e.g., changes to PID parameters).
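One way to implement the monitoring recommended in 6.3, added here as an example and not taken from the report or from any vendor. It assumes the controller is reached over Modbus/TCP (the report names no protocol); the register map, the authorized workstation address and the sample frames are all constructed for illustration.

```python
import struct

# Assumed register map for a hypothetical controller (not from the report):
# holding registers that store PID tuning values and the alarm enable mask.
WATCHED_REGISTERS = {
    100: "PID Kp",
    101: "PID Ki",
    102: "PID Kd",
    200: "alarm enable mask",
}
# Assumed address of the engineering workstation allowed to retune the loop.
AUTHORIZED_WRITERS = {"10.0.5.10"}

WRITE_SINGLE = 0x06    # Modbus function: Write Single Register
WRITE_MULTIPLE = 0x10  # Modbus function: Write Multiple Registers


def parse_write(adu):
    """Return (unit_id, {register: value}) for a Modbus/TCP write request.

    Returns None for reads, other functions and malformed frames.
    """
    if len(adu) < 8:
        return None
    _tid, proto, length, unit = struct.unpack(">HHHB", adu[:7])
    # Protocol id is 0 for Modbus; length counts the unit id plus the PDU.
    if proto != 0 or length != len(adu) - 6:
        return None
    func, body = adu[7], adu[8:]
    if func == WRITE_SINGLE:
        if len(body) != 4:
            return None
        addr, value = struct.unpack(">HH", body)
        return unit, {addr: value}
    if func == WRITE_MULTIPLE:
        if len(body) < 5:
            return None
        start, qty, nbytes = struct.unpack(">HHB", body[:5])
        if nbytes != qty * 2 or len(body) != 5 + nbytes:
            return None
        values = struct.unpack(f">{qty}H", body[5:])
        return unit, {start + i: v for i, v in enumerate(values)}
    return None


def detect(frames):
    """Flag writes that touch watched registers.

    frames: iterable of (source_ip, adu_bytes) taken from a passive tap.
    Writes from an unauthorized source are 'high'; authorized ones are
    still recorded as 'info' so tuning changes leave an audit trail.
    """
    alerts = []
    for src, adu in frames:
        parsed = parse_write(adu)
        if parsed is None:
            continue
        unit, writes = parsed
        for reg, value in sorted(writes.items()):
            name = WATCHED_REGISTERS.get(reg)
            if name is None:
                continue
            alerts.append({
                "src": src,
                "unit": unit,
                "register": reg,
                "name": name,
                "value": value,
                "severity": "info" if src in AUTHORIZED_WRITERS else "high",
            })
    return alerts


def build_adu(tid, unit, pdu):
    """Wrap a PDU in an MBAP header (used only to construct sample data)."""
    return struct.pack(">HHHB", tid, 0, len(pdu) + 1, unit) + pdu


# Constructed sample traffic, not real captures.
SAMPLE_FRAMES = [
    # Read Holding Registers: not a write, ignored.
    ("10.0.5.10", build_adu(1, 1, struct.pack(">BHH", 0x03, 100, 3))),
    # Authorized workstation changes Kp.
    ("10.0.5.10", build_adu(2, 1, struct.pack(">BHH", WRITE_SINGLE, 100, 250))),
    # Unknown host rewrites Kp, Ki and Kd in one request.
    ("192.0.2.44", build_adu(
        3, 1, struct.pack(">BHHBHHH", WRITE_MULTIPLE, 100, 3, 6, 900, 0, 0))),
    # Unknown host clears the alarm enable mask.
    ("192.0.2.44", build_adu(4, 1, struct.pack(">BHH", WRITE_SINGLE, 200, 0))),
    # Write to a register that is not watched: ignored.
    ("192.0.2.44", build_adu(5, 1, struct.pack(">BHH", WRITE_SINGLE, 5, 1))),
]

if __name__ == "__main__":
    for alert in detect(SAMPLE_FRAMES):
        print(alert)
```
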
6.4 Vector: Educational Sector Vulnerability
Observation: The sheer volume of university breaches indicates that higher education is a favored target for credential harvesting. Implication: Universities have large, open networks and high user turnover (students), making them difficult to secure. Recommendation: Educational institutions should accelerate the adoption of Zero Trust architectures. Network segmentation is crucial to ensure that a compromised student account does not grant access to administrative or research databases.
7. Conclusion
The events of February 3, 2026, paint a picture of a hyper-active and increasingly segmented cyber threat landscape. We are witnessing a bifurcation of threats:
- The Geopolitical Layer: Actors like A K U L A v 2 and Infrastructure Destruction Squad are engaging in targeted disruption of national assets (defense, nuclear, intelligence) in the Middle East and the US. These attacks are likely driven by ideology or state sponsorship.
- The Criminal Commercial Layer: Actors like miyako, Dripper, and Gugugaga are industrializing cybercrime. They are not hacking for a cause; they are filling a supply chain of stolen data and network access that fuels downstream ransomware and fraud.
Key Takeaway: The “safe” sectors are disappearing. From an Indonesian special needs school to the US Central Intelligence Agency, no entity is immune to targeting. The specific rise in “root RCE” sales for firewall appliances suggests a looming wave of ransomware attacks once these access points are purchased and weaponized.
Immediate Action Required: Organizations must pivot from reactive defense to proactive threat hunting. The specific intelligence regarding Linux firewall exploits and the targeting of PKI infrastructures demands immediate auditing of edge devices and cryptographic trust stores.
Detected Incidents Draft Data
- Alleged sale of unauthorized admin access to tripXOXO
Category: Initial Access
Content: The threat actor claims to be selling unauthorized admin access to tripXOXO
Date: 2026-02-03T23:59:43Z
Network: openweb
Published URL: https://darkforums.io/Thread-Selling-Access-admin-PANEL-travel-For-sale?highlight=Access+admin+PANEL+travel+for+sale
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/7fee3408-7faf-44e2-8d07-1213be6870ab.png
Threat Actors: KaruHunters
Victim Country: India
Victim Industry: Leisure & Travel
Victim Organization: tripxoxo
Victim Site: tripxoxo.com
- Alleged leak of login credentials to Semnan University
Category: Data Breach
Content: The group claims to have leaked login credentials to Semnan University
Date: 2026-02-03T23:58:33Z
Network: telegram
Published URL: https://t.me/c/1943303299/1049012
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/94f9f993-18e5-4837-b5c5-86a8237292d2.png
Threat Actors: A K U L A v 2 . 2
Victim Country: Iran
Victim Industry: Education
Victim Organization: semnan university
Victim Site: semnan.ac.ir
- Alleged leak of login credentials to Tuwaiq Academy
Category: Data Breach
Content: The group claims to have leaked login credentials to Tuwaiq Academy in Saudi Arabia.
Date: 2026-02-03T23:06:07Z
Network: telegram
Published URL: https://t.me/c/1943303299/1048481
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/46f9f209-a313-4ece-95b2-3927451d63d1.png
Threat Actors: A K U L A v 2 . 2
Victim Country: Saudi Arabia
Victim Industry: Education
Victim Organization: tuwaiq academy
Victim Site: tuwaiq.edu.sa
- Alleged leak of login credentials to Shiraz University of Medical Sciences
Category: Data Breach
Content: The group claims to have leaked login credentials to Shiraz University of Medical Sciences and Health Services in Iran.
Date: 2026-02-03T22:35:18Z
Network: telegram
Published URL: https://t.me/c/1943303299/1048369
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/e36093b1-3a2b-4163-ba14-642b7ae6ee48.png
Threat Actors: A K U L A v 2 . 2
Victim Country: Iran
Victim Industry: Education
Victim Organization: shiraz university of medical sciences (sums)
Victim Site: sums.ac.ir
- Alleged leak of login credentials to Soroush Plus
Category: Data Breach
Content: The group claims to have leaked login credentials to Soroush Plus messenger, Iran.
Date: 2026-02-03T22:18:57Z
Network: telegram
Published URL: https://t.me/c/1943303299/1048282
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/0e9de644-ac5c-49cd-8ae4-d8f1a5125e85.png
Threat Actors: A K U L A v 2 . 2
Victim Country: Iran
Victim Industry: Social Media & Online Social Networking
Victim Organization: soroush plus
Victim Site: splus.ir
- Alleged leak of login credentials to Mohaymen ICT Group
Category: Data Breach
Content: The group claims to have leaked login credentials to Mohaymen ICT Group in Iran.
Date: 2026-02-03T22:17:32Z
Network: telegram
Published URL: https://t.me/c/1943303299/1048268
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/3c99c46a-f829-4133-83a4-db82df5c8f67.png
Threat Actors: A K U L A v 2 . 2
Victim Country: Iran
Victim Industry: Information Technology (IT) Services
Victim Organization: mohaymen ict group
Victim Site: mohaymen.ir
- Alleged sale of WaveShield server logs
Category: Malware
Content: The threat actor claims to have leaked WaveShield server logs, exposing sensitive player information such as IP addresses, FiveM license keys, Discord IDs, Steam and Xbox Live identifiers, and player usernames.
Date: 2026-02-03T22:14:35Z
Network: openweb
Published URL: https://breachforums.bf/Thread-FiveM-French-Server
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/66c97ddf-6306-4388-b155-d6194e411871.png
Threat Actors: Cvld
Victim Country: France
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
- Alleged data breach of Acti Informatique
Category: Data Breach
Content: The threat actor claims to have leaked data from acti-informatique.com, allegedly containing password hashes and game keys.
Date: 2026-02-03T22:13:00Z
Network: openweb
Published URL: https://breachforums.cz/index.php?threads/acti-informatique-com-passwd-hashes-and-gamekeys.258/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/07105528-d92a-457b-9fc2-1b3534c007f7.png
Threat Actors: BobbyDropTables
Victim Country: France
Victim Industry: Information Technology (IT) Services
Victim Organization: acti informatique
Victim Site: acti-informatique.com
- Alleged leak of Fuel Distributor Database
Category: Data Breach
Content: The threat actor claims to have leaked a database containing information on 6,569 fuel distribution and oil & gas trading entities involved in general fuel trading activities. The dataset allegedly covers the years 2019–2023 and includes company names, fuel station identifiers (SPBU), and address/location details.
Date: 2026-02-03T22:07:46Z
Network: openweb
Published URL: https://breachforums.bf/Thread-DOCUMENTS-6569-Fuel-Distributor-Database-Oil-and-Gas-Trading-Entity-for-General-Fuel-Trading-B
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/ce777444-fd99-4767-a36a-3757f73ecbe6.png
Threat Actors: AYYUBI
Victim Country: Indonesia
Victim Industry: Oil & Gas
Victim Organization: Unknown
Victim Site: Unknown
- Alleged data leak of an unidentified furniture company from Australia
Category: Data Breach
Content: The threat actor claims to have leaked a database associated with an unidentified Australian furniture company with an estimated $5M revenue. The exposed dataset reportedly contains 48,000 rows of leads, including sensitive personal information such as customer names, phone numbers, email addresses, physical addresses, and Australian Company Numbers (ACN).
Date: 2026-02-03T21:56:08Z
Network: openweb
Published URL: https://forum.exploit.biz/topic/275147/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/c5d91b88-7f5e-429f-81d2-0a0e1b6f0ae7.png
Threat Actors: GeeksforGeeks
Victim Country: Australia
Victim Industry: Furniture
Victim Organization: Unknown
Victim Site: Unknown
- Alleged leak of login credentials to Statistics
Category: Data Breach
Content: The group claims to have leaked login credentials to the education website, Statistics, in Israel.
Date: 2026-02-03T21:52:29Z
Network: telegram
Published URL: https://t.me/c/1943303299/1048560
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/187353b8-fdec-40d2-b201-d6f16d973e5b.png
Threat Actors: A K U L A v 2 . 2
Victim Country: Israel
Victim Industry: Education
Victim Organization: statistics
Victim Site: statistical.co.il
- Alleged data leak of furniture company from Australia
Category: Data Breach
Content: The threat actor claims to have leaked a database associated with an Australian furniture company with an estimated $5M revenue. The exposed dataset reportedly contains 48,000 rows of leads, including sensitive personal information such as customer names, phone numbers, email addresses, physical addresses, and Australian Company Numbers (ACN).
Date: 2026-02-03T21:46:31Z
Network: openweb
Published URL: https://forum.exploit.biz/topic/275147/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/c5d91b88-7f5e-429f-81d2-0a0e1b6f0ae7.png
Threat Actors: GeeksforGeeks
Victim Country: Australia
Victim Industry: Furniture
Victim Organization: Unknown
Victim Site: Unknown
- DARK 07x targets the website of Innovative Display Concept
Category: Defacement
Content: The threat actor claims to have defaced the organization’s website.
Date: 2026-02-03T21:18:00Z
Network: telegram
Published URL: https://t.me/DarK07xxxxxxx/1559
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/1be0d4ad-69d0-44ef-88ef-464aa6487dde.png
Threat Actors: DARK 07x
Victim Country: Tunisia
Victim Industry: Information Technology (IT) Services
Victim Organization: innovative display concept
Victim Site: innovativedc.tn
- Alleged leak of login credentials to Kali Group Insurance Agency and Investments Marketing Ltd
Category: Data Breach
Content: The group claims to have leaked the login credentials for Kali Group Insurance Agency and Investments Marketing Ltd. in Israel.
Date: 2026-02-03T21:12:08Z
Network: telegram
Published URL: https://t.me/c/1943303299/1048558
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/78671175-94b7-4af1-a153-ddb391d2935e.png
Threat Actors: A K U L A v 2 . 2
Victim Country: Israel
Victim Industry: Financial Services
Victim Organization: kali group insurance agency and investments marketing ltd
Victim Site: kali.co.il
- Alleged Data Leak of PRESTA Bank Transfer Data in Poland
Category: Data Breach
Content: Threat Actor claims to have leaked PRESTA Bank Transfer data in Poland.
Date: 2026-02-03T21:05:47Z
Network: openweb
Published URL: https://forum.exploit.biz/topic/275150/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/215d5dc4-6e3c-4192-8c19-8938cf7249e7.png
Threat Actors: Malwareboy
Victim Country: Poland
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
- Alleged Sale of Unauthorized Access to Largest Real Estate Developer in Asia
Category: Initial Access
Content: Threat Actor claims to be selling unauthorized access to the network infrastructure of Asia’s largest real estate developer, allegedly providing Linux-based firewall access with root RCE, shell capabilities, and full network administrator panel permissions.
Date: 2026-02-03T20:51:15Z
Network: openweb
Published URL: https://breachforums.bf/Thread-300-Largest-Real-Estate-Developer-in-Asia-Firewall-Network-Admin-Panel
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/146174f7-9d6b-42b9-a485-a9004ace7bad.png
Threat Actors: miyako
Victim Country: Unknown
Victim Industry: Real Estate
Victim Organization: Unknown
Victim Site: Unknown
- Alleged data breach of Haijiao
Category: Data Breach
Content: The threat actor claims to have obtained and shared a user database containing approximately 15.7 million records allegedly originating from haijiao.com, a Chinese adult forum platform. The database reportedly includes user account details such as usernames, email addresses, phone numbers, hashed passwords, avatars, roles, account status, login timestamps, IP-related metadata, profile descriptions, tags, popularity metrics, and certification-related fields.
Date: 2026-02-03T20:39:34Z
Network: openweb
Published URL: https://darkforums.io/Thread-China-haijiao-com-15-7M-User-DB
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/b8b7e598-f45c-407f-affb-12de634a77b8.png
Threat Actors: Tanaka
Victim Country: China
Victim Industry: Social Media & Online Social Networking
Victim Organization: haijiao
Victim Site: haijiao.com
- Alleged data leak of Toyota Bali Fair database
Category: Data Breach
Content: The threat actor claims to have leaked a customer database related to “Toyota Bali Fair”, containing records of approximately 2,000 customers. The dataset includes 2,618 lines in CSV and PDF formats, with data collected between 2020 and 2024. The allegedly exposed information contains customer names, phone numbers, vehicle ownership details, and car models.
Date: 2026-02-03T20:37:14Z
Network: openweb
Published URL: https://breachforums.bf/Thread-DOCUMENTS-2000-CUSTOMER-DATABASE-TOYOTA-BALI-FAIR-LEAKED-FREE-SAMPLE-DOWNLOAD
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/39c808e2-ee19-4f85-a8f6-8097d8728d3b.png
Threat Actors: AYYUBI
Victim Country: Indonesia
Victim Industry: Automotive
Victim Organization: Unknown
Victim Site: Unknown
- Alleged unauthorized access to an unidentified SCADA/HMI system in the USA
Category: Initial Access
Content: The group claims to have gained unauthorized access to an unidentified SCADA/HMI system in the USA.
Date: 2026-02-03T20:29:38Z
Network: telegram
Published URL: https://t.me/crewcyber/636?single
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/eeec2770-5c77-45da-8b72-e2479061ddc9.png
Threat Actors: 404 CREW CYBER TEAM
Victim Country: USA
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
- Alleged data breach of Interplan AG
Category: Data Breach
Content: The group claims to have breached the organisation data of Interplan AG. They intend to publish it within 1-2 days.
Date: 2026-02-03T20:14:50Z
Network: tor
Published URL: https://worldleaksartrjm3c6vasllvgacbi5u3mgzkluehrzhk2jz4taufuid.onion/companies/9255855374/overview
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/5da06610-41c1-47c5-ba23-438c5fd4d1a7.jpg
Threat Actors: Worldleaks
Victim Country: Germany
Victim Industry: Events Services
Victim Organization: interplan ag
Victim Site: interplan.de
- Alleged data breach of Wakanim
Category: Data Breach
Content: The threat actor claims to be sharing a database belonging to Wakanim, an anime streaming platform, which was allegedly dumped in August 2022. The exposed database contains information on approximately 6.7 million users. The compromised data reportedly includes email addresses, usernames, real names, IP addresses, physical addresses, and account login dates.
Date: 2026-02-03T20:13:59Z
Network: openweb
Published URL: https://breachforums.bf/Thread-DATABASE-Wakanim-2022
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/8598f9be-86fe-482c-b30a-4c587a91ab6a.png
Threat Actors: authsso
Victim Country: France
Victim Industry: Entertainment & Movie Production
Victim Organization: wakanim
Victim Site: wakanim.tv
- Alleged data breach of Choisir le service public
Category: Data Breach
Content: The threat actor claims to be selling personal data of approximately 377,000 job seekers registered on “Choisir le service public”, the official French government recruitment platform for public sector employment. The allegedly leaked data includes full names, gender, dates of birth, postal codes, cities, country, email addresses, phone numbers, education level, professional specialization, language skills, job category, job preferences, account identifiers, and login activity metadata.
Date: 2026-02-03T20:01:34Z
Network: openweb
Published URL: https://breachforums.bf/Thread-SELLING-FR-377K-Choisir-le-service-public-gouv
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/bbc96a1c-7dd3-4827-9fa9-6b2e9732180f.png
Threat Actors: HexDex
Victim Country: France
Victim Industry: Government & Public Sector
Victim Organization: choisir le service public
Victim Site: choisirleservicepublic.gouv.fr
- Alleged data breach of ELC Electroconsult SpA
Category: Data Breach
Content: The threat actor claims to have leaked a large internal database belonging to ELC Electroconsult SpA, totaling over 90 GB and containing 54,000+ files, including approximately 37,734 PDF documents. The exposed data allegedly consists of engineering drawings, tender and bid documents, internal correspondence, approvals, and project documentation associated with PGE-ELC-JICA projects.
Date: 2026-02-03T19:54:13Z
Network: openweb
Published URL: https://breachforums.bf/Thread-ELC-Electroconsult-SpA-DataBase-90-GB
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/4ed28150-1161-42cf-9d69-d6e9e3034ee9.png
Threat Actors: iloveya
Victim Country: Italy
Victim Industry: Building and construction
Victim Organization: elc electroconsult spa
Victim Site: elc-electroconsult.com
- Alleged Sale of Unauthorized Access to USA College Software Suite (SaaS)
Category: Initial Access
Content: Threat Actor claims to be selling unauthorized access to a USA college software suite (SaaS), allegedly providing Linux-based firewall access with root RCE, shell capabilities, and network administrator panel permissions.
Date: 2026-02-03T19:44:42Z
Network: openweb
Published URL: https://breachforums.bf/Thread-200-USA-College-Software-Suite-SaaS-Firewall-Network-Admin-Panel
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/2abacd40-64bc-43e5-83de-fd5f3073a410.png
Threat Actors: miyako
Victim Country: USA
Victim Industry: Education
Victim Organization: Unknown
Victim Site: Unknown
- Alleged sale of unauthorized access to a China Luxury Jewelry Company
Category: Initial Access
Content: The threat actor claims to be selling unauthorized firewall and internal network access belonging to a China-based luxury jewelry company. The alleged access includes a Linux-based firewall with root-level remote code execution, shell access, and full network administrator panel privileges.
Date: 2026-02-03T19:19:23Z
Network: openweb
Published URL: https://breachforums.bf/Thread-200-China-Luxury-Jewelry-Firewall-Network-Admin-Panel
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/3a6cb513-2124-433a-bde0-17fc7c937c9f.png
Threat Actors: miyako
Victim Country: China
Victim Industry: Luxury Goods & Jewelry
Victim Organization: Unknown
Victim Site: Unknown

Alleged sale of unauthorized access to a U.S.-based electronic device manufacturing company
Category: Initial Access
Content: The threat actor claims to be selling unauthorized network access to a U.S.-based electronic device manufacturing company. The alleged access includes a Linux-based firewall system with root-level remote code execution, shell access, and full network administrator panel privileges.
Date: 2026-02-03T19:18:08Z
Network: openweb
Published URL: https://breachforums.bf/Thread-200-USA-Electronic-Device-Manufacturer
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/2b798945-c562-42a7-9d77-37161878bda7.png
Threat Actors: miyako
Victim Country: USA
Victim Industry: Electrical & Electronic Manufacturing
Victim Organization: Unknown
Victim Site: Unknown

Alleged sale of unauthorized access to a Ukrainian accounting and finance organization
Category: Initial Access
Content: The threat actor claims to be selling unauthorized network access to a Ukrainian accounting and finance organization. The access allegedly includes a Linux-based firewall device with root-level remote code execution, shell access, and full network administrator panel privileges.
Date: 2026-02-03T19:08:06Z
Network: openweb
Published URL: https://breachforums.bf/Thread-200-Ukraine-Accounting-and-Finance-Firewall-Network-Admin-Panel
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/44127a80-20fd-45ad-80c1-d03b5f7068e9.png
Threat Actors: miyako
Victim Country: Ukraine
Victim Industry: Financial Services
Victim Organization: Unknown
Victim Site: Unknown

Alleged sale of unauthorized access to a Chinese financial organization
Category: Initial Access
Content: The threat actor claims to be selling unauthorized access to a Chinese financial organization’s internal network. The alleged access includes a Linux-based firewall device with root-level remote code execution, shell access, and full network administration panel privileges.
Date: 2026-02-03T18:59:30Z
Network: openweb
Published URL: https://breachforums.bf/Thread-300-Chinese-Finance-Firewall-Network-Admin-Panel
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/3ab3dc95-2bb6-4373-8f37-9f722d1f74ba.png
Threat Actors: miyako
Victim Country: China
Victim Industry: Financial Services
Victim Organization: Unknown
Victim Site: Unknown

Alleged leak of Senior Benefits Center, LLC
Category: Data Breach
Content: The threat actor claims to have leaked admin and user account login credentials from Senior Benefits Center, LLC, USA.
Date: 2026-02-03T18:35:35Z
Network: telegram
Published URL: https://t.me/crewcyber/635
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/463b71a2-39a8-43fc-8e65-3e8b1912818a.png
Threat Actors: 404 CREW CYBER TEAM
Victim Country: USA
Victim Industry: Hospital & Health Care
Victim Organization: senior benefits center, llc
Victim Site: seniorbenefits.us

Alleged Sale of Unauthorized Access to Unidentified IT Networks from USA
Category: Initial Access
Content: The threat actor claims to be selling unauthorized access to IT networks of USA-based IT companies via services exposed on port 8040, offering control through a management interface that enables agent deployment and interaction with connected endpoints. Access is reportedly updated daily and sold through an auction format.
Date: 2026-02-03T18:27:02Z
Network: openweb
Published URL: https://forum.exploit.biz/topic/275139/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/eeecc15d-3457-4595-8ba4-6dd8c115cde0.png
Threat Actors: DK_900
Victim Country: USA
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown

Alleged data breach of Islamic Azad University
Category: Data Breach
Content: The threat actor claims to have leaked multiple databases allegedly belonging to the Islamic Azad University in Iran. The exposed data includes extensive academic and personal records such as user IDs, usernames, passwords, mobile numbers, student and staff names, family details, identification numbers, academic programs, enrollment information, grades, financial records, administrative logs, and internal support data.
Date: 2026-02-03T18:18:48Z
Network: openweb
Published URL: https://breachforums.bf/Thread-The-Islamic-Azad-University-in-Iran-DB–186732
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/0ccd4ef3-809e-47b8-9459-7da679bd08ad.png
https://d34iuop8pidsy8.cloudfront.net/003e7aae-cd90-4c19-b6ef-b84a262d77a9.png
Threat Actors: chris321
Victim Country: Iran
Victim Industry: Higher Education/Academia
Victim Organization: islamic azad university
Victim Site: iau.ir

Alleged data breach of Allmax Nutrition
Category: Data Breach
Content: The threat actor claims to have leaked data from Allmax Nutrition. The attacker allegedly accessed servers, backups, and customer databases. The leaked data is said to include customer email addresses, usernames, first and last names, phone numbers, purchase history, and internal administrative logs.
Date: 2026-02-03T18:17:43Z
Network: openweb
Published URL: https://breachforums.bf/Thread-DATABASE-Big-Database-Dump-%E2%80%93-Allmax-Nutrition-Breached
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/4d60143e-c4a0-4da6-9c9d-d7ff0c170a45.png
Threat Actors: louna
Victim Country: Canada
Victim Industry: Food & Beverages
Victim Organization: allmax nutrition
Victim Site: allmaxnutrition.com

Alleged data leak of the email service platform of UAE's Ministry of Education
Category: Data Breach
Content: The group claims to have leaked data from the email service platform of the United Arab Emirates’ Ministry of Education (MOE).
Date: 2026-02-03T18:16:44Z
Network: telegram
Published URL: https://t.me/c/1943303299/1046819
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/a12198b8-67db-4a05-bcf1-5df9e0dbe1f0.png
Threat Actors: A K U L A v 2 . 2
Victim Country: UAE
Victim Industry: Government Administration
Victim Organization: ministry of education (moe)
Victim Site: mail.moe.gov.ae

Alleged data breach of Kroll
Category: Data Breach
Content: The threat actor claims to have leaked data from Kroll (kroll.com). The attackers allegedly gained control of an employee’s phone number, bypassed internal safeguards, and accessed sensitive files and systems related to FTX, BlockFi, and Genesis bankruptcy claims. The exposed data is said to include full names, email addresses, KYC status information, and internal notes such as account balances and risk assessments.
Date: 2026-02-03T18:13:25Z
Network: openweb
Published URL: https://breachforums.bf/Thread-DATABASE-Kroll-FTX-Bankruptcy-Claimants-kroll-com-2023-08-19-198-34K-People
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/c4bc9666-a894-41f5-b745-a54f39fc27a4.png
Threat Actors: thelastwhitehat
Victim Country: USA
Victim Industry: Financial Services
Victim Organization: kroll
Victim Site: kroll.com

Alleged sale of Lazarus Botnet
Category: Malware
Content: The threat actor claims to be leaking access details for a botnet identified as “LAZARUS.” The actor shares command-and-control (C2) connection information, including an IP/domain, port number, and login credentials, allegedly allowing direct access to the botnet infrastructure.
Date: 2026-02-03T18:11:21Z
Network: openweb
Published URL: https://breachforums.cz/index.php?threads/botnet-lazarus.229/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/30ac76f7-8f15-4b2d-ab3a-cc63ffd47374.png
Threat Actors: ayka
Victim Country: Unknown
Victim Industry: Computer & Network Security
Victim Organization: Unknown
Victim Site: Unknown

Alleged data breach of Brazzers
Category: Data Breach
Content: The threat actor claims to have obtained and shared a dataset allegedly originating from the Brazzers platform. The leaked data totals approximately 37 MB and is provided as a text file.
Date: 2026-02-03T17:48:51Z
Network: openweb
Published URL: https://breachforums.cz/index.php?threads/brazzers-ad-lt-website.238/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/77e283a9-c55f-492e-b0a4-da77ee65efdf.png
Threat Actors: tbny
Victim Country: Canada
Victim Industry: Entertainment & Movie Production
Victim Organization: brazzers
Victim Site: brazzers.com

Alleged Unauthorized Access to Serlefin from Colombia
Category: Initial Access
Content: The threat actor claims to be selling unauthorized access to Serlefin, based in Colombia, allegedly enabling access to internal insurance and healthcare systems containing customer invoices, batch billing data, provider reports, and account statements, with approximately 90 GB of data.
Date: 2026-02-03T17:46:02Z
Network: openweb
Published URL: https://xforums.st/threads/serlefin-aliado-allianza-colombia-bogota-registro-individual-de-prestacion-de-servicios-de-salud-leads.501379/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/2c0887a5-af16-4aa5-8e59-d22a9dd93752.png
Threat Actors: Petro_Escobar
Victim Country: Colombia
Victim Industry: Insurance
Victim Organization: serlefin
Victim Site: serlefin.com

Alleged data breach of First Turn Capital
Category: Data Breach
Content: A threat actor claims to have leaked the full database of firstturncapital.com.
Date: 2026-02-03T16:48:40Z
Network: openweb
Published URL: https://breachforums.cz/index.php?threads/firstturncapital-com-full-data-breach.233/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/3a2b5994-35b2-4631-afbd-8686cb2ff7c7.png
Threat Actors: GhostSec
Victim Country: USA
Victim Industry: Financial Services
Victim Organization: first turn capital
Victim Site: firstturncapital.com

Alleged data leak of Germany Citizens Database
Category: Data Breach
Content: A threat actor claims to be selling a large German citizens database allegedly compiled from multiple breached sources. The dataset contains over 1.68 million records and is marketed on a breach forum.
Date: 2026-02-03T16:43:33Z
Network: openweb
Published URL: https://breachforums.bf/Thread-SELLING-Germany-Citizens-Database-1-6M
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/9cb4e9e8-ebb6-4de9-8053-2bff7a4d4833.png
Threat Actors: temporary
Victim Country: Germany
Victim Industry: Government & Public Sector
Victim Organization: Unknown
Victim Site: Unknown

Volcaryx1337 targets the website Industrialist.ae
Category: Defacement
Content: The threat actor claims to have defaced the organization's website.
Date: 2026-02-03T15:36:06Z
Network: openweb
Published URL: https://zone-xsec.com/mirror/id/787185
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/b396d486-9e24-4575-8278-372eea6489e5.png
Threat Actors: Volcaryx1337
Victim Country: UAE
Victim Industry: Real Estate
Victim Organization: industrialist.ae
Victim Site: industrialist.ae

Alleged unauthorized access to an unidentified irrigation management system in Australia
Category: Initial Access
Content: The group claims to have gained unauthorized access to an unidentified irrigation management system in Australia, alleging the ability to modify pump configurations, adjust PID controller parameters, and manipulate pressure, level, and flow sensor readings. They further assert that alarms and error states can be altered or disabled while remaining undetected by operators.
Date: 2026-02-03T15:28:21Z
Network: telegram
Published URL: https://t.me/zpentestalliance/1031
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/7007b94a-d961-481c-b409-af29e8ce83a2.png
https://d34iuop8pidsy8.cloudfront.net/4549c7b0-14d1-4085-9269-503fe7838cc9.png
Threat Actors: Z-PENTEST ALLIANCE
Victim Country: Australia
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown

Cyber Attack hits Wieson Technologies Co., Ltd.
Category: Cyber Attack
Content: Wieson Technologies Co., Ltd., a company listed on the Taiwan Stock Exchange (TWSE), published an official announcement on 2 February 2026 via the Market Observation Post System (MOPS) following market disclosures. At the time of reporting, there has been no confirmation of a cyberattack, data breach, or system compromise affecting the company. No disruption to operations or leakage of sensitive information has been reported, and the disclosure appears to be part of routine regulatory communication. The situation remains under observation, with no further details indicating malicious activity.
Date: 2026-02-03T14:57:07Z
Network: openweb
Published URL: https://emops.twse.com.tw/server-java/t05sr01_1_e?&isNew=Y&seq_no=1&spoke_time=173653&spoke_date=20260202&co_id=6272
Screenshots:
None
Threat Actors: Unknown
Victim Country: Taiwan
Victim Industry: Electrical & Electronic Manufacturing
Victim Organization: wieson technologies co., ltd.
Victim Site: wieson.com

Alleged leak of login credentials to Iraqi Airways
Category: Data Breach
Content: The group claims to have leaked login credentials to Iraqi Airways.
Date: 2026-02-03T14:54:32Z
Network: telegram
Published URL: https://t.me/c/1943303299/1047053
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/05eff8a4-6660-4fb1-ac0a-5130f8551ce3.jpg
Threat Actors: A K U L A v 2 . 2
Victim Country: Iraq
Victim Industry: Government Administration
Victim Organization: iraqi airways
Victim Site: mail.ia.gov.iq

Alleged data breach of PREMIER PAY
Category: Data Breach
Content: The threat actor claims to have breached the data from PREMIER PAY, allegedly including 5,000 leaked cards from the database.
Date: 2026-02-03T14:50:18Z
Network: openweb
Published URL: https://breachforums.cz/index.php?threads/premierpay-data-leak-part-1-credit-card-fullz-only.232/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/5826c587-ae71-455d-97ed-1de46a3dfd62.JPG
Threat Actors: GhostSec
Victim Country: Canada
Victim Industry: Information Technology (IT) Services
Victim Organization: premier pay
Victim Site: premierpay.ca

Alleged Leak of Login Credentials for Oman Ministry of Defence Email Portal (OWA)
Category: Data Breach
Content: The group claims to have leaked login credentials for the Oman Ministry of Defence email portal (OWA).
Date: 2026-02-03T14:49:44Z
Network: telegram
Published URL: https://t.me/c/1943303299/1046807
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/a64ecaa1-0f36-42e9-b3cd-2b57aef8824d.png
Threat Actors: A K U L A v 2 . 2
Victim Country: Oman
Victim Industry: Government Administration
Victim Organization: ministry of defence
Victim Site: mail.mod.gov.om

Alleged unauthorized access to an unidentified beauty salon in Denmark
Category: Initial Access
Content: The group claims to have gained unauthorized access to an unidentified beauty salon in Denmark.
Date: 2026-02-03T14:31:02Z
Network: telegram
Published URL: https://t.me/zpentestalliance/1030
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/42b24888-52c0-426d-9956-7780a7dbae2a.png
Threat Actors: Z-PENTEST ALLIANCE
Victim Country: Denmark
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown

Alleged data breach of Guns.lol
Category: Data Breach
Content: The group claims to have leaked data from Guns.lol. The compromised data reportedly contains a large collection of user records, including user account information.
Date: 2026-02-03T14:26:59Z
Network: openweb
Published URL: https://breachforums.cz/index.php?threads/guns-lol.237/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/9fee89c3-7a6e-4b28-b87c-9e7a882c7397.png
Threat Actors: tbny
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: guns.lol
Victim Site: guns.lol

Alleged data breach of Pretoria Society of Advocates
Category: Data Breach
Content: The threat actor claims to have breached the data of over 2,427 unique users, allegedly including PII records, phone numbers, usernames, first names, and last names.
Date: 2026-02-03T14:25:58Z
Network: openweb
Published URL: https://breachforums.bf/Thread-Pretoriabar-co-za-Database-Leaked-Download
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/56286c37-9308-4412-9f5a-eaf0aef1c9b1.JPG
Threat Actors: OpenBullet
Victim Country: South Africa
Victim Industry: Legal Services
Victim Organization: pretoria society of advocates
Victim Site: pretoriabar.co.za

Alleged data breach of Pakistan Institute of Education
Category: Data Breach
Content: The threat actor claims to have breached data from the Pakistan Institute of Education, allegedly containing internal reports, charts, and budget breakdowns.
Date: 2026-02-03T14:07:36Z
Network: openweb
Published URL: https://breachforums.cz/index.php?threads/pie-leak-full-internal-reports-charts-and-budget-breakdowns.240/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/26afff10-9b24-4124-a2e0-9df83a6d1fa6.jpg
Threat Actors: K1ngSlay3r
Victim Country: Pakistan
Victim Industry: Education
Victim Organization: pakistan institute of education
Victim Site: pie.gov.pk

DieNet claims to target Central Intelligence Agency
Category: Alert
Content: A recent post by the group indicates that they are targeting the Central Intelligence Agency and government websites in the USA.
Date: 2026-02-03T14:01:23Z
Network: telegram
Published URL: https://t.me/dienet3/201
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/875b9132-4228-4d4e-abf1-89b316274f8c.jpg
Threat Actors: DieNet
Victim Country: USA
Victim Industry: International Affairs
Victim Organization: central intelligence agency
Victim Site: cia.gov

Alleged data breach of Casa do Alemão
Category: Data Breach
Content: The group claims to have breached the organisation's data.
Date: 2026-02-03T13:50:23Z
Network: telegram
Published URL: https://t.me/levstccc/1608
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/7e43274a-653e-444e-915a-a081dd5d0e3c.JPG
Threat Actors: LEVSTRESS.SU
Victim Country: Brazil
Victim Industry: Hospitality & Tourism
Victim Organization: casa do alemão
Victim Site: casadoalemaobuzios.com

Alleged leak of login credentials to Ministry of Defense (Kuwait)
Category: Data Breach
Content: The group claims to have leaked login credentials to Ministry of Defense.
Date: 2026-02-03T13:10:33Z
Network: telegram
Published URL: https://t.me/c/1943303299/1046767
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/ee135e68-4da4-4589-a216-374995fa067a.jpg
Threat Actors: A K U L A v 2 . 2
Victim Country: Kuwait
Victim Industry: Government Administration
Victim Organization: ministry of defense
Victim Site: mail.mod.gov.kw

Alleged unauthorized access to PIONEER DENTAL COLLEGE & HOSPITAL
Category: Initial Access
Content: The group claims to have leaked unauthorized access to PIONEER DENTAL COLLEGE & HOSPITAL.
Date: 2026-02-03T13:07:01Z
Network: telegram
Published URL: https://t.me/ZeroCertHackers/1020
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/16f9c0ad-027b-4328-9cb5-21384f257424.png
Threat Actors: kingsman
Victim Country: Bangladesh
Victim Industry: Education
Victim Organization: pioneer dental college & hospital
Victim Site: old.pioneer.edu.bd

Alleged data breach of Municipal Money
Category: Data Breach
Content: The threat actor claims to have breached 73202136 rows of data from Municipal Money. Note: it was previously breached by the threat actor markitto35 on Sat Dec 16 2023.
Date: 2026-02-03T12:58:09Z
Network: openweb
Published URL: https://darkforums.io/Thread-Municipalmoney-gov-za-SQL
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/a59b303c-18ae-4403-ae03-d4f610edab0d.JPG
Threat Actors: Tanaka
Victim Country: South Africa
Victim Industry: Government Administration
Victim Organization: municipal money
Victim Site: municipalmoney.gov.za

Alleged unauthorized access to an unidentified water control infrastructure in Israel
Category: Initial Access
Content: The group claims to have gained unauthorized access to an unidentified water control infrastructure in Israel.
Date: 2026-02-03T12:04:12Z
Network: telegram
Published URL: https://t.me/Cyber4vengers/10?single
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/80b1dcf9-8f4f-4bbc-b7bd-1cd79ed2ea60.png
Threat Actors: Cyber 4vengers
Victim Country: Israel
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown

Alleged unauthorized access to Sonata Messenger
Category: Initial Access
Content: The group claims to have gained unauthorized access to Sonata Messenger in Ukraine.
Date: 2026-02-03T12:03:12Z
Network: telegram
Published URL: https://t.me/sauron_of_eye/66
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/56d5e31a-ef3a-4561-9c61-5bc63d0af005.jpg
https://d34iuop8pidsy8.cloudfront.net/b4e0f515-cbd7-47fd-9822-d700dc7f48ae.jpg
Threat Actors: EYE OF SAURON
Victim Country: Ukraine
Victim Industry: Software
Victim Organization: sonata messenger
Victim Site: Unknown

KINGSMAN INDIA targets the website of Independent University, Bangladesh
Category: Defacement
Content: The group claims to have defaced the website of Independent University, Bangladesh.
Date: 2026-02-03T11:59:03Z
Network: telegram
Published URL: https://t.me/ZeroCertHackers/1019
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/9d472c0c-a4a7-4b67-9a23-22b1dbcc9d25.png
Threat Actors: KINGSMAN INDIA
Victim Country: Bangladesh
Victim Industry: Higher Education/Academia
Victim Organization: independent university, bangladesh
Victim Site: iub.ac.bd

Z-BL4CX-H4T.ID targets the website of Dr Yatra Skin Care
Category: Defacement
Content: The group claims to have defaced the website of Dr Yatra Skin Care.
Date: 2026-02-03T11:48:30Z
Network: telegram
Published URL: https://t.me/z_bl4cx_h4t_id/55
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/6f68a89c-506d-47d2-8ec7-62638a4f2031.png
Threat Actors: Z-BL4CX-H4T.ID
Victim Country: India
Victim Industry: Hospital & Health Care
Victim Organization: dr yatra skin care
Victim Site: dryatraskincare.com

KINGSMAN INDIA targets the website of Fashitala B.L High School
Category: Defacement
Content: The group claims to have defaced the website of Fashitala B.L High School.
Date: 2026-02-03T11:39:46Z
Network: telegram
Published URL: https://t.me/ZeroCertHackers/1013
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/65459328-0c73-45c1-8a5c-e492e1dde229.png
Threat Actors: KINGSMAN INDIA
Victim Country: Bangladesh
Victim Industry: Education
Victim Organization: fashitala b.l high school
Victim Site: fhschool.edu.bd

Alleged leak of login credentials to omidnetco
Category: Data Breach
Content: The group claims to have leaked login credentials to omidnetco.
Date: 2026-02-03T11:00:42Z
Network: telegram
Published URL: https://t.me/c/1943303299/1046560
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/c5c0c4cf-738c-42b0-bd55-9b8fed287156.JPG
Threat Actors: A K U L A v 2 . 2
Victim Country: Iran
Victim Industry: Information Technology (IT) Services
Victim Organization: omidnetco
Victim Site: omidnet.ir

Alleged data leak of Pasargad Insurance Company
Category: Data Breach
Content: The group claims to have obtained the organization's data.
Date: 2026-02-03T10:58:19Z
Network: telegram
Published URL: https://t.me/c/1943303299/1046087
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/448d833d-5b86-445f-823d-75d9ebc175d4.jpg
Threat Actors: A K U L A v 2 . 2
Victim Country: Iran
Victim Industry: Insurance
Victim Organization: pasargad insurance company
Victim Site: core.pasargadinsurance.ir

Alleged leak of login credentials associated with HideZeroOne
Category: Data Breach
Content: The threat actor claims to have leaked login credentials associated with HideZeroOne.
Date: 2026-02-03T10:54:16Z
Network: telegram
Published URL: https://t.me/c/1943303299/1046186
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/74dfc997-b573-4ac5-8521-286635d05209.png
Threat Actors: A K U L A v 2 . 2
Victim Country: Iran
Victim Industry: Professional Training
Victim Organization: hidezeroone
Victim Site: vip.hide01.ir

Alleged leak of login credentials to SamanTel Dealer Portal
Category: Data Breach
Content: The group claims to have leaked login credentials to SamanTel Dealer Portal.
Date: 2026-02-03T10:25:26Z
Network: telegram
Published URL: https://t.me/c/1943303299/1045874
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/82a10172-0072-4784-a9b4-c26708b820a1.png
Threat Actors: A K U L A v 2 . 2
Victim Country: Iran
Victim Industry: Network & Telecommunications
Victim Organization: samantel
Victim Site: dealer.samantel.ir

Alleged leak of webshell access to DigiCart6
Category: Initial Access
Content: The group claims to have leaked webshell access to DigiCart6.
Date: 2026-02-03T10:15:46Z
Network: telegram
Published URL: https://t.me/c/3027611821/375
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/42bcec93-6955-4fc7-a3e0-890c6f661585.png
Threat Actors: Z-BL4CX-H4T
Victim Country: Unknown
Victim Industry: Gaming
Victim Organization: digicart6
Victim Site: digicart6.com

Alleged unauthorized access to an unidentified heating control panel in Italy
Category: Initial Access
Content: The group claims to have gained unauthorized access to an unidentified heating control panel in Italy. According to the claim, they have full administrative access to the HMI/SCADA system, allowing them to manipulate combustion and heating operations, disable alarms, spoof or erase logs, exploit schedules for timed attacks, and disrupt services in ways that endanger people, property, and operations.
Date: 2026-02-03T10:07:31Z
Network: telegram
Published URL: https://t.me/zpentestalliance/1029
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/8a44cf24-84b4-4a18-9a81-9064ecd8dd4e.jpg
https://d34iuop8pidsy8.cloudfront.net/f325955a-0565-4937-97e0-6236b7b16b7c.jpg
Threat Actors: Z-PENTEST ALLIANCE
Victim Country: Italy
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown

Alleged sale of shell access to SieradMU
Category: Initial Access
Content: The group claims to be selling shell access to SieradMU.
Date: 2026-02-03T09:54:23Z
Network: telegram
Published URL: https://t.me/memek1777/105
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/e20590f4-6965-4f9a-8541-ed14064a725d.png
Threat Actors: Gugugaga
Victim Country: Indonesia
Victim Industry: Newspapers & Journalism
Victim Organization: sieradmu
Victim Site: sieradmu.com

Alleged sale of shell access to Radiant Discovery Sdn Bhd
Category: Initial Access
Content: The group claims to be selling shell access to Radiant Discovery Sdn Bhd.
Date: 2026-02-03T09:31:28Z
Network: telegram
Published URL: https://t.me/memek1777/105
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/a000d317-4f6a-47c0-b2e9-9c74d0e08db1.png
Threat Actors: Gugugaga
Victim Country: Malaysia
Victim Industry: Agriculture & Farming
Victim Organization: radiant discovery sdn bhd
Victim Site: radiantdiscovery.com.my

Alleged sale of shell access to Sazeh Sim Pouyesh
Category: Initial Access
Content: The group claims to be selling shell access to Sazeh Sim Pouyesh.
Date: 2026-02-03T09:26:32Z
Network: telegram
Published URL: https://t.me/memek1777/105
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/8834423d-803f-49b5-8568-957a01347091.png
Threat Actors: Gugugaga
Victim Country: Iran
Victim Industry: Automotive
Victim Organization: sazeh sim pouyesh
Victim Site: sazehsimpouyesh.com

Alleged sale of shell access to PLANTATION & MILL MANAGEMENT SYSTEM
Category: Initial Access
Content: The group claims to be selling shell access to PLANTATION & MILL MANAGEMENT SYSTEM.
Date: 2026-02-03T09:14:26Z
Network: telegram
Published URL: https://t.me/memek1777/105
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/32fa5209-858f-4b15-a261-ebbc25875121.png
Threat Actors: Gugugaga
Victim Country: Indonesia
Victim Industry: Agriculture & Farming
Victim Organization: plantation & mill management system
Victim Site: farmapps.ptmkh.id

Alleged sale of shell access to SMC MALAYSIA
Category: Initial Access
Content: The group claims to be selling shell access to SMC MALAYSIA.
Date: 2026-02-03T09:13:00Z
Network: telegram
Published URL: https://t.me/memek1777/105
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/3dc2b671-743b-4c9a-a230-206601ae29a5.JPG
Threat Actors: Gugugaga
Victim Country: Malaysia
Victim Industry: Agriculture & Farming
Victim Organization: smc malaysia
Victim Site: seenmeeclay.com

Alleged leak of login credentials associated with PISHKHAN
Category: Data Breach
Content: The group claims to have leaked login credentials from PISHKHAN.
Date: 2026-02-03T09:04:23Z
Network: telegram
Published URL: https://t.me/c/1943303299/1045858
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/cc9947e5-9a91-4cd2-a077-8f5d9487e89e.png
Threat Actors: A K U L A v 2 . 2
Victim Country: Iran
Victim Industry: Information Technology (IT) Services
Victim Organization: pishkhan
Victim Site: epishkhan.ir

Alleged data breach of Harley-Davidson
Category: Data Breach
Content: The threat actor claims to have breached 55 thousand plus rows of data from Harley-Davidson, allegedly including vehicle identification number, vehicle designator code, make code model, model year, and more.
Date: 2026-02-03T08:51:44Z
Network: openweb
Published URL: https://breachforums.bf/Thread-DATABASE-Harley-Davidson-Motorcycle-Database
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/e2795777-6b34-441b-b2d3-1ee93eaddcd2.JPG
Threat Actors: c0mmandor
Victim Country: USA
Victim Industry: Automotive
Victim Organization: harley-davidson
Victim Site: harley-davidson.com

Alleged leak of Israel database
Category: Data Breach
Content: The threat actor claims to have leaked data of 3.9 million individuals from Israel, allegedly containing names, phone numbers, country, relationship status, and more.
Date: 2026-02-03T08:50:21Z
Network: openweb
Published URL: https://breachforums.bf/Thread-DATABASE-3-9M-ISRAEL-DATABASE
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/73f2914f-a06f-46e0-89b7-4f324460dfe7.jpg
Threat Actors: roulettegun
Victim Country: Israel
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown

Alleged data breach of Likitoria
Category: Data Breach
Content: The threat actor claims to have breached 41,183 rows of data from Likitoria, allegedly containing IDs, passwords, and more.
Date: 2026-02-03T08:27:14Z
Network: openweb
Published URL: https://breachforums.bf/Thread-DATABASE-likitoria-com-medicines-drugs-and-medications
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/620b4767-5f41-43ec-a62b-9f01310c3a30.jpeg
https://d34iuop8pidsy8.cloudfront.net/da84c843-f42c-497e-8331-91ed78dea233.jpeg
Threat Actors: c0mmandor
Victim Country: Kazakhstan
Victim Industry: Healthcare & Pharmaceuticals
Victim Organization: likitoria
Victim Site: likitoria.com

Alleged data breach of the National Police, Spain
Category: Data Breach
Content: The threat actor claims to have breached the PKI Directory of the Spanish National Police, allegedly including Certificate Revocation Lists (CRLs), Authority Revocation Lists (ARLs), root and intermediate certificates, and certification policies.
Date: 2026-02-03T08:18:13Z
Network: openweb
Published URL: https://darkforums.io/Thread-Exposed-PKI-Directory-of-the-Spanish-National-Police
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/ef993fdd-b99a-4b77-abf4-346dad5015ef.JPG
https://d34iuop8pidsy8.cloudfront.net/bfc209df-bcec-43b6-af66-cfaedd09fb1e.JPG
Threat Actors: GordonFreeman
Victim Country: Spain
Victim Industry: Government Administration
Victim Organization: the national police
Victim Site: policia.es

Alleged Leak of Login Credentials to Israel Aerospace Industries
Category: Data Breach
Content: The group claims to have leaked login credentials to Israel Aerospace Industries.
Date: 2026-02-03T08:13:53Z
Network: telegram
Published URL: https://t.me/c/1943303299/1045289
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/f8ace394-ca94-41d2-b2b6-9d37b64a60a1.png
Threat Actors: A K U L A v 2 . 2
Victim Country: Israel
Victim Industry: Defense & Space
Victim Organization: israel aerospace industries
Victim Site: iai.co.il

Alleged leak of login credentials to Iraqi Ministry of Oil
Category: Data Breach
Content: The group claims to have leaked login credentials to Iraqi Ministry of Oil.
Date: 2026-02-03T07:56:41Z
Network: telegram
Published URL: https://t.me/c/1943303299/1045454
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/9accca3d-170c-40e8-abd0-d049565922a6.png
Threat Actors: A K U L A v 2 . 2
Victim Country: Iraq
Victim Industry: Oil & Gas
Victim Organization: iraqi ministry of oil
Victim Site: oil.gov.iq

Alleged leak of IAEA document for Iran
Category: Data Breach
Content: The group claims to have leaked an IAEA document for Iran.
Date: 2026-02-03T07:55:15Z
Network: telegram
Published URL: https://t.me/c/1943303299/1045640
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/fd90892f-8c7d-44ce-8296-329b66df5051.JPG
Threat Actors: A K U L A v 2 . 2
Victim Country: Iran
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown

Alleged leak of login credentials to Nissan Iraq AlSour
Category: Data Breach
Content: The group claims to have leaked login credentials to Nissan Iraq AlSour.
Date: 2026-02-03T07:30:43Z
Network: telegram
Published URL: https://t.me/c/1943303299/1045235
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/e4592030-eb37-4583-bdfa-6018726a7561.png
Threat Actors: A K U L A v 2 . 2
Victim Country: Iraq
Victim Industry: Automotive
Victim Organization: nissan iraq alsour
Victim Site: nissan-iq.com

BABAYO EROR SYSTEM targets the website of SLB Santa Mulia Surabaya
Category: Defacement
Content: The group claims to have defaced the website of SLB Santa Mulia Surabaya
Date: 2026-02-03T06:43:37Z
Network: telegram
Published URL: https://t.me/c/3664625363/113
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/d5c0052f-3a53-4245-b2dd-00556a0d6239.png
Threat Actors: BABAYO EROR SYSTEM
Victim Country: Indonesia
Victim Industry: Education
Victim Organization: slb santa mulia surabaya
Victim Site: slbsantimuliasurabaya.sch.id

BABAYO EROR SYSTEM targets the website of SLB PH Malang
Category: Defacement
Content: The group claims to have defaced the website of SLB PH Malang
Date: 2026-02-03T06:37:38Z
Network: telegram
Published URL: https://t.me/c/3664625363/113
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/183ec1e8-a70b-4ad1-a726-a5a5e6744d9c.png
Threat Actors: BABAYO EROR SYSTEM
Victim Country: Indonesia
Victim Industry: Education
Victim Organization: slb ph malang
Victim Site: slbphmalang-official.sch.id

Alleged data breach of Cuerpo Nacional de Policía
Category: Data Breach
Content: The threat actor claims to have breached the database of Cuerpo Nacional de Policía.
Date: 2026-02-03T06:36:15Z
Network: openweb
Published URL: https://darkforums.io/Thread-Exposed-PKI-Directory-of-the-Spanish-National-Police
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/ee51ae11-b54b-47c1-9e94-9f5492d898a8.png
https://d34iuop8pidsy8.cloudfront.net/91a1010b-66ee-42ca-8ab2-e5ffa2e0bc30.png
Threat Actors: GordonFreeman
Victim Country: Spain
Victim Industry: Government Administration
Victim Organization: cuerpo nacional de policía
Victim Site: pki.policia.es

BABAYO EROR SYSTEM targets the website of SLB BP Kalibaru
Category: Defacement
Content: The group claims to have defaced the website of SLB BP Kalibaru
Date: 2026-02-03T06:34:35Z
Network: telegram
Published URL: https://t.me/c/3664625363/113
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/d4b1ac9f-a256-47ba-890f-7195e4276d99.png
Threat Actors: BABAYO EROR SYSTEM
Victim Country: Indonesia
Victim Industry: Education
Victim Organization: slb bp kalibaru
Victim Site: slbbpkalibaru.sch.id

BABAYO EROR SYSTEM targets the website of SLB Bunga Melati Gempol
Category: Defacement
Content: The group claims to have defaced the website of SLB Bunga Melati Gempol
Date: 2026-02-03T06:27:28Z
Network: telegram
Published URL: https://t.me/c/3664625363/113
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/ee67c1b7-e4d5-4a08-be96-b589622969b2.png
Threat Actors: BABAYO EROR SYSTEM
Victim Country: Indonesia
Victim Industry: Education
Victim Organization: slb bunga melati gempol
Victim Site: slbbungamelati-gempol.sch.id

Alleged sale of SEKISUI Aerospace Corporation data
Category: Data Breach
Content: The threat actor claims to be selling a 2025 database from SEKISUI Aerospace Corporation containing sensitive aerospace technical data.
Date: 2026-02-03T06:26:55Z
Network: openweb
Published URL: https://breachforums.bf/Thread-SELLING-SEKISUI-Aerospace-Corporation-Dataset-2025
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/4925c59c-3402-4daa-bd14-8981b7c546da.png
Threat Actors: nxe
Victim Country: USA
Victim Industry: Manufacturing
Victim Organization: sekisui aerospace corporation
Victim Site: sekisuiaerospace.com

BABAYO EROR SYSTEM targets the website of SLB Bina Harapan Lamongan
Category: Defacement
Content: The group claims to have defaced the website of SLB Bina Harapan Lamongan
Date: 2026-02-03T06:23:06Z
Network: telegram
Published URL: https://t.me/c/3664625363/113
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/458edbd3-cfe9-4e7c-890f-78bc3db72ef2.png
Threat Actors: BABAYO EROR SYSTEM
Victim Country: Indonesia
Victim Industry: Education
Victim Organization: slb bina harapan lamongan
Victim Site: slbbinaharapanlamongan.sch.id

BABAYO EROR SYSTEM targets the website of SLB BC Optimal
Category: Defacement
Content: The group claims to have defaced the website of SLB BC Optimal
Date: 2026-02-03T06:22:36Z
Network: telegram
Published URL: https://t.me/c/3664625363/113
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/cb008a79-44e3-45ab-a0c4-dd7684992d67.png
Threat Actors: BABAYO EROR SYSTEM
Victim Country: Indonesia
Victim Industry: Education
Victim Organization: slb bc optimal
Victim Site: slbbcoptimal.sch.id

BABAYO EROR SYSTEM targets the website of SDL B B C D YPAC Jember
Category: Defacement
Content: The group claims to have defaced the website of SDL B B C D YPAC Jember
Date: 2026-02-03T06:08:23Z
Network: telegram
Published URL: https://t.me/c/3664625363/113
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/a09c21c7-e2f7-4a8a-b217-339423ee8be9.png
Threat Actors: BABAYO EROR SYSTEM
Victim Country: Indonesia
Victim Industry: Education
Victim Organization: sdl b b c d ypac jember
Victim Site: sdlbbcdypacjember.sch.id

BABAYO EROR SYSTEM targets the website of SLB Bhineka Pas
Category: Defacement
Content: The group claims to have defaced the website of SLB Bhineka Pas
Date: 2026-02-03T06:01:13Z
Network: telegram
Published URL: https://t.me/c/3664625363/113
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/b35d81ff-1199-41eb-b409-8214e14bc312.png
Threat Actors: BABAYO EROR SYSTEM
Victim Country: Indonesia
Victim Industry: Education
Victim Organization: slb bhineka pas
Victim Site: slbbhinekapas.sch.id

Alleged leak of Chinese project and employee data
Category: Data Breach
Content: The threat actor claims to have leaked the dataset of Chinese project and employee data.
Date: 2026-02-03T06:00:24Z
Network: openweb
Published URL: https://breachforums.bf/Thread-Chinese-data-%E4%B8%AD%E5%9B%BD%E6%95%B0%E6%8D%AE-SnowSoul-ID-1240
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/4add5f49-1ba2-4223-a4d5-b9046526d832.png
Threat Actors: SnowSoul
Victim Country: China
Victim Industry: Manufacturing & Industrial Products
Victim Organization: Unknown
Victim Site: Unknown

BABAYO EROR SYSTEM targets the website of SLBN Pembina Malang
Category: Defacement
Content: The group claims to have defaced the website of SLBN Pembina Malang
Date: 2026-02-03T05:52:35Z
Network: telegram
Published URL: https://t.me/c/3664625363/113
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/0edfb308-7922-4cb6-b1a8-0c7e3b44e298.png
Threat Actors: BABAYO EROR SYSTEM
Victim Country: Indonesia
Victim Industry: Education
Victim Organization: slbn pembina malang
Victim Site: slbnpembinamalang.sch.id

Alleged leak of Republica Dominicana Citizens Data
Category: Data Breach
Content: The threat actor claims to have leaked Republica Dominicana citizens' data. The leaked data allegedly includes id, cedula, valida, names, last names, civil status, birth date, sex, birth place, blood type, and occupation information.
Date: 2026-02-03T05:46:13Z
Network: openweb
Published URL: https://breachforums.bf/Thread-DATABASE-REPUBLICA-DOMINICANA-CITIZENS-LEAK-2026
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/33714f7f-1801-4133-909d-3ed972e75020.png
https://d34iuop8pidsy8.cloudfront.net/dd3ece17-d3a0-4bd3-b905-21ddbbd6eb54.png
Threat Actors: HatsuneM1ku
Victim Country: Dominican Republic
Victim Industry: Government & Public Sector
Victim Organization: Unknown
Victim Site: Unknown

Alleged sale of data from South Korea
Category: Data Breach
Content: The threat actor claims to have leaked data from South Korea. The compromised data reportedly contains 408,000 records, including personal, contact, and account-related information.
Date: 2026-02-03T05:41:27Z
Network: openweb
Published URL: https://bhf.pro/threads/719083/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/4e7f2d16-a70f-4b80-8295-a3f2e7173d05.png
Threat Actors: Steamulytor
Victim Country: South Korea
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown

Alleged sale of data from Wer liefert was
Category: Data Breach
Content: The threat actor claims to be selling a dataset from Wer liefert was. The dataset contains 437,000 records, including id, slug, name, zip, city, street, house number, state, country code, latitude, longitude, category, phone, fax, website, email, linkedin, xing, facebook, instagram, twitter, youtube, description, employees, and turnover information.
Date: 2026-02-03T05:00:13Z
Network: openweb
Published URL: https://breachforums.bf/Thread-SELLING-437k-Germany-www-wlw-de-Business-contacts-and-professional-directory-data-includi
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/fec2be54-bebc-46cc-82dd-31bdb0dc749d.png
Threat Actors: Dripper
Victim Country: Germany
Victim Industry: Marketing, Advertising & Sales
Victim Organization: wer liefert was
Victim Site: wlw.de

BABAYO EROR SYSTEM targets the website of SLB Al Khariq
Category: Defacement
Content: The group claims to have defaced the website of SLB Al Khariq
Date: 2026-02-03T04:26:37Z
Network: telegram
Published URL: https://t.me/c/3664625363/110
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/f0804c52-aa45-4816-aecd-1f9e15752d4a.png
https://d34iuop8pidsy8.cloudfront.net/cf8bbf58-01bd-4ff9-aac5-543fae54ce92.png
Threat Actors: BABAYO EROR SYSTEM
Victim Country: Indonesia
Victim Industry: Education
Victim Organization: slb al khariq
Victim Site: slbalkhariq.sch.id

BABAYO EROR SYSTEM targets the website of SMPLB Sumber Dharma
Category: Defacement
Content: The group claims to have defaced the website of SMPLB Sumber Dharma
Date: 2026-02-03T04:22:53Z
Network: telegram
Published URL: https://t.me/c/3664625363/110
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/ac573396-25e2-41e3-b015-4e5251ada3cc.png
https://d34iuop8pidsy8.cloudfront.net/a8a85ee4-c21c-4f59-8369-1225f13b6156.png
Threat Actors: BABAYO EROR SYSTEM
Victim Country: Indonesia
Victim Industry: Education
Victim Organization: smplb sumber dharma
Victim Site: smplbsumberdharma.sch.id

BABAYO EROR SYSTEM targets the website of SLB Bhakti Luhur Kota Madiun
Category: Defacement
Content: The group claims to have defaced the website of SLB Bhakti Luhur Kota Madiun
Date: 2026-02-03T04:21:38Z
Network: telegram
Published URL: https://t.me/c/3664625363/110
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/0c7597d6-3fc7-42fb-80b1-35ad928cc0fc.png
https://d34iuop8pidsy8.cloudfront.net/46e7861f-1330-474e-8ce8-cb53d5868d00.png
Threat Actors: BABAYO EROR SYSTEM
Victim Country: Indonesia
Victim Industry: Education
Victim Organization: slb bhakti luhur kota madiun
Victim Site: slbbhaktiluhurkotamadiun.sch.id

BABAYO EROR SYSTEM targets the website of pklkshafa.sch.id
Category: Defacement
Content: The group claims to have defaced the website of pklkshafa.sch.id
Date: 2026-02-03T04:09:33Z
Network: telegram
Published URL: https://t.me/c/3664625363/110
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/9a0be587-0bde-42b2-8e43-433eae77a745.png
https://d34iuop8pidsy8.cloudfront.net/c8ae4fb3-1423-4edc-ad9b-b5f1811010be.png
Threat Actors: BABAYO EROR SYSTEM
Victim Country: Indonesia
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: pklkshafa.sch.id

Alleged sale of data from Mayflower
Category: Data Breach
Content: The threat actor claims to be selling a dataset from Mayflower. The dataset contains ~243,000 records, including id, full name, email, phone number, review text, rating, service type, booking id, and created at information.
Date: 2026-02-03T03:51:49Z
Network: openweb
Published URL: https://breachforums.bf/Thread-SELLING-243k-Malaysia-https-www-mayflower-com-my-User-reviews-and-service-feedback-dat
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/ccd025cf-d52e-4e10-983b-efcf037f2167.png
Threat Actors: Dripper
Victim Country: Malaysia
Victim Industry: Leisure & Travel
Victim Organization: mayflower
Victim Site: mayflower.com.my

BABAYO EROR SYSTEM targets the website of Yayasan Pendidikan Autis Mutiara Hati
Category: Defacement
Content: The group claims to have defaced the website of Yayasan Pendidikan Autis Mutiara Hati
Date: 2026-02-03T03:48:33Z
Network: telegram
Published URL: https://t.me/c/3664625363/110
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/fadc5b36-a997-4718-b98d-f586caa53dee.png
https://d34iuop8pidsy8.cloudfront.net/020d0f12-cf1d-4d57-b84b-d4cbc2b1df8a.png
Threat Actors: BABAYO EROR SYSTEM
Victim Country: Indonesia
Victim Industry: Education
Victim Organization: yayasan pendidikan autis mutiara hati
Victim Site: ypamutiarahati.sch.id

Alleged data breach of Universitas Negeri Medan
Category: Data Breach
Content: The threat actor claims to have breached the database of Universitas Negeri Medan; the dataset contains student personal records.
Date: 2026-02-03T03:46:18Z
Network: openweb
Published URL: https://breachforums.bf/Thread-DATABASE-Leaked-Database-of-Medan-State-University-indonesian-university
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/ea1f3f37-5e2d-4b22-981d-2e326555b17f.png
Threat Actors: anim3
Victim Country: Indonesia
Victim Industry: Education
Victim Organization: universitas negeri medan
Victim Site: unimed.ac.id

BABAYO EROR SYSTEM targets the website of SLB B Dharma Wanita Sidoarjo
Category: Defacement
Content: The group claims to have defaced the website of SLB B Dharma Wanita Sidoarjo
Date: 2026-02-03T03:43:05Z
Network: telegram
Published URL: https://t.me/c/3664625363/110
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/7f7ef968-eeee-4be0-895a-d7f83d11fcc5.png
https://d34iuop8pidsy8.cloudfront.net/2f31f9f5-9860-4867-ba55-ab6bcb4ed91b.png
Threat Actors: BABAYO EROR SYSTEM
Victim Country: Indonesia
Victim Industry: Education
Victim Organization: slb b dharma wanita sidoarjo
Victim Site: slbbdharmawanitasidoarjo.sch.id

Alleged leak of login credentials to HideZeroOne
Category: Data Breach
Content: The group claims to have leaked login credentials from HideZeroOne.
Date: 2026-02-03T03:16:54Z
Network: telegram
Published URL: https://t.me/c/1943303299/1043529
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/3a97e4a1-10ad-4aea-9f12-8e080b4c9196.png
Threat Actors: A K U L A v 2 . 2
Victim Country: Iran
Victim Industry: Professional Training
Victim Organization: hidezeroone
Victim Site: vip.hide01.ir

Alleged Sale Of Data From HIMS University
Category: Data Breach
Content: The threat actor claims to be selling data from HIMS University. The compromised data reportedly contains 28,124 records, including personal, contact, and account-related information.
Date: 2026-02-03T03:07:43Z
Network: openweb
Published URL: https://darkforums.io/Thread-Selling-EGYPT-HIMS-University-Database-Full-Leak-28k-Records-Payment-Gateway-API
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/a9c1b9bd-a997-4fb1-b2d2-8d960fae8a55.png
https://d34iuop8pidsy8.cloudfront.net/7183a8b7-9f75-45e8-b16a-640a05f3ed43.png
Threat Actors: quellostanco
Victim Country: Egypt
Victim Industry: Education
Victim Organization: hims university
Victim Site: hims.edu.eg

Alleged sale of data from Sportsentry
Category: Data Breach
Content: The threat actor claims to be selling a dataset from Sportsentry. The dataset contains 457,000 records, including registration date, event id, event name, user id, first name, last name, email, phone, birthday, gender, address, entry category, status, and attendance flag information.
Date: 2026-02-03T02:59:38Z
Network: openweb
Published URL: https://breachforums.bf/Thread-SELLING-457k-Japan-https-www-sportsentry-ne-jp-Sports-event-registrations-and-attendanc
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/e37be5e5-b89c-4987-80db-00e1f8a11901.png
Threat Actors: Dripper
Victim Country: Japan
Victim Industry: Sports
Victim Organization: sportsentry
Victim Site: sportsentry.ne.jp/

Alleged sale of travel.co.jp data
Category: Data Breach
Content: The threat actor claims to be selling a dataset from travel.co.jp; the dataset contains 419,000 records, such as hotel and restaurant information, availability data, pricing details, and location metadata.
Date: 2026-02-03T02:43:54Z
Network: openweb
Published URL: https://breachforums.bf/Thread-SELLING-419k-Japan-https-www-travel-co-jp-Comprehensive-travel-data-hotel-restaurant-st
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/508bedb9-a8fa-4cc3-ad2d-2eabe3ed32f5.png
Threat Actors: Dripper
Victim Country: Japan
Victim Industry: Hospitality & Tourism
Victim Organization: travel.co.jp
Victim Site: travel.co.jp

Alleged leak of login credentials to Pares&Alvarez
Category: Data Breach
Content: The group claims to have leaked login credentials from Pares&Alvarez.
Date: 2026-02-03T01:52:19Z
Network: telegram
Published URL: https://t.me/c/1943303299/1045155
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/95e92bba-daae-4490-9181-5ea9cb111a62.png
Threat Actors: A K U L A v 2 . 2
Victim Country: Chile
Victim Industry: Mining/Metals
Victim Organization: pares&alvarez
Victim Site: pya.cl

Alleged leak of login credentials to Playtika
Category: Data Breach
Content: The group claims to have leaked login credentials from Playtika.
Date: 2026-02-03T01:10:51Z
Network: telegram
Published URL: https://t.me/c/1943303299/1043564
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/e38407ab-caa0-41bd-ae1b-4d8f502cc87c.png
Threat Actors: A K U L A v 2 . 2
Victim Country: Israel
Victim Industry: Gaming
Victim Organization: playtika
Victim Site: playtika.com

Alleged leak of login credentials to Moon Active
Category: Data Breach
Content: The group claims to have leaked login credentials from Moon Active.
Date: 2026-02-03T01:10:13Z
Network: telegram
Published URL: https://t.me/c/1943303299/1043575
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/3ab1f823-beeb-4a0f-a0f0-9b589f1ef6d0.png
Threat Actors: A K U L A v 2 . 2
Victim Country: Israel
Victim Industry: Gaming
Victim Organization: moon active
Victim Site: moonactive.com

Alleged leak of login credentials to International Securities
Category: Data Breach
Content: The group claims to have leaked login credentials from International Securities.
Date: 2026-02-03T01:01:49Z
Network: telegram
Published URL: https://t.me/c/1943303299/1043674
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/ea57eb65-339c-4704-aa09-a2bab5df01f1.png
Threat Actors: A K U L A v 2 . 2
Victim Country: UAE
Victim Industry: Financial Services
Victim Organization: international securities
Victim Site: intlsecurities.ae

Alleged sale of Clubforce data
Category: Data Breach
Content: The threat actor claims to be selling the dataset of Clubforce; the dataset contains 327,000 records related to active club member statistics and scoring data.
Date: 2026-02-03T00:52:51Z
Network: openweb
Published URL: https://breachforums.bf/Thread-SELLING-327k-Ireland-https-www-clubforce-com-Active-club-member-stats-and-scores-databa
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/c00c1e06-4a82-42e9-bdfc-deb146fe19c2.png
Threat Actors: Dripper
Victim Country: Ireland
Victim Industry: Sports
Victim Organization: clubforce
Victim Site: clubforce.com

Alleged sale of Bhinneka data
Category: Data Breach
Content: The threat actor claims to be selling Bhinneka user data; the dataset includes account credentials and contact information.
Date: 2026-02-03T00:33:18Z
Network: openweb
Published URL: https://breachforums.bf/Thread-SELLING-624k-Indonesia-https-www-bhinneka-com-User-credentials-and-contact-informatio
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/4f611004-45bb-49fa-bfd4-56d9953734d2.png
Threat Actors: Dripper
Victim Country: Indonesia
Victim Industry: E-commerce & Online Stores
Victim Organization: bhinneka
Victim Site: bhinneka.com

Alleged data breach of Lawrence Livermore National Laboratory
Category: Data Breach
Content: The group claims to have leaked 15 TB of data from Lawrence Livermore National Laboratory. The compromised data includes sensitive data documents and files encompassing millions of images, millions of engineering and technical blueprints, and classified internal video recordings and footage.
Date: 2026-02-03T00:26:20Z
Network: telegram
Published URL: https://t.me/n2LP_wVf79c2YzM0/3548
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/b90e9470-2533-4917-a2c9-0c889dcdf456.png
https://d34iuop8pidsy8.cloudfront.net/9284e662-d5d6-4bc6-920a-9e5dabd69eb8.png
Threat Actors: Infrastructure Destruction Squad
Victim Country: USA
Victim Industry: Research Industry
Victim Organization: lawrence livermore national laboratory
Victim Site: llnl.gov

Alleged sale of ClickIndia data
Category: Data Breach
Content: The threat actor claims to be selling ClickIndia user data; the dataset contains 742,000 user records.
Date: 2026-02-03T00:22:46Z
Network: openweb
Published URL: https://breachforums.bf/Thread-SELLING-742k-india-https-www-clickindia-com-User-records-with-emails-names-mobiles-acco
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/97bf4fe2-3bfe-4ab7-beab-5701bd29cc43.png
Threat Actors: Dripper
Victim Country: India
Victim Industry: E-commerce & Online Stores
Victim Organization: clickindia
Victim Site: clickindia.com

Alleged Sale of Network Target Finder
Category: Malware
Content: Threat actor claims to be selling a network reconnaissance and target discovery tool named Network Target Finder, advertised as a universal solution for identifying administrative panels, vulnerable WordPress installations, and other web resources. The tool allegedly supports high-performance multithreaded scanning, HTTP/HTTPS requests, DNS resolution, Tor integration, and multiple target formats including domains, IP:port pairs, and email addresses.
Date: 2026-02-03T00:14:38Z
Network: openweb
Published URL: https://forum.exploit.in/topic/275092/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/faa9c826-39c0-45b1-8dcf-a9c9936b0709.png
https://d34iuop8pidsy8.cloudfront.net/1daadc7d-26f4-40f2-bdf4-f0c421a9a9cd.png
https://d34iuop8pidsy8.cloudfront.net/cfb52a69-a116-4efa-a6a7-1b55925ff6ca.png
https://d34iuop8pidsy8.cloudfront.net/125adfa7-381c-4d4c-ac9e-dc94fa06b26e.png
https://d34iuop8pidsy8.cloudfront.net/caf5cb43-51c1-4f19-ae00-11f15a5e5ec4.png
https://d34iuop8pidsy8.cloudfront.net/4f9116c5-6836-4f9a-a110-8fe25791d538.png
Threat Actors: darksoftware
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown