1. Executive Summary
On February 7, 2026, a surge in cyber activity was documented across multiple networks, including the Open Web, Telegram, and Tor. The incidents primarily consist of Data Breaches (71%), Initial Access Sales (14%), and Web Defacements (12%). Geographic targeting was diverse, with heavy concentrations in Turkey, France, Saudi Arabia, and the United States. Notable victims include government ministries, educational institutions like Harvard University, and critical infrastructure components such as SCADA systems.+4
2. Incident Classification & Trends
A. Data Breaches and Exfiltration
This remains the dominant threat category. High-impact events include:
- Government & Public Sector: Multiple leaks targeted the UAE Ministry of Interior and the Saudi Arabian Ministry of Justice and State Properties General Authority. In France, the Agence Nationale des Titres Sécurisés (ANTS) reportedly suffered a massive breach involving over 13 million user records.+4
- Educational Institutions: Significant data leaks affected Harvard University (5.06 GB of student records), Istanbul University, and Near East University.+2
- Massive PII Leaks: A breach of ManoMano in France allegedly exposed 37.8 million user records. In the US, a threat actor claimed to have a database containing 2.7 billion SSN records.+1
B. Initial Access Brokerage
Threat actors are actively monetizing unauthorized access to corporate environments:
- Critical Sectors: Access to an unidentified Australian mining company and an Iraqi bank was put up for sale.+1
- Administrative Control: A “major international sportsbook platform” had its master portal access offered, potentially impacting 90,000 agent websites.
- Industrial Risks: A breach of a SCADA system in Spain was reported, with actors claiming the ability to manipulate pumps and valves.
C. Hacktivism and Defacement
Groups like BABAYO EROR SYSTEM and NOCTURNA 1553 were highly active, defacing websites across India, Indonesia, Bangladesh, and the UK. These actions appear aimed at reputational damage rather than data theft.+2
3. Notable Threat Actors
The following actors demonstrated high frequency or high-impact capabilities: | Threat Actor | Primary Activity | Key Targets | | :— | :— | :— | | A K U L A v 2 . 2 | Credential Leaks | UAE & Saudi Government Ministries | | RED EYES | Turkish Data Leaks | Police databases, Universities, Refugee data | | Kirigaya | Large-scale Breaches | ANTS (France), ManoMano, France Travail | | p0ppin | US Software/IT | Tech Twitter, Clypboard, Pocomos | | Saturned33 | Shell Access | Organizations in Iran, Egypt, and Venezuela |+4
4. Regional Impact Analysis
Turkey and Middle East
Turkey was the most frequently targeted nation on this date, with RED EYES leaking sensitive police, refugee, and citizen data. In the Middle East, government infrastructure in Saudi Arabia, UAE, and Iraq faced consistent credential-stuffing or phishing-related leaks.+4
France
France experienced a concentrated wave of attacks on public and private sectors. Beyond ANTS and ManoMano, the Fédération Française de Tennis de Table and Bourse des Vols were also compromised.+1
United States
Incidents ranged from aviation maintenance records (Avelo Airlines) to healthcare (Southern Illinois Dermatology) and education (Tulare City Schools). The sale of 7TB of data from Safe Home Security Inc. represents a significant physical security risk.+3
5. Technical Observations
- Vulnerable Platforms: WordPress shops in Germany and Spain were specifically targeted for administrative access sales.+1
- Emerging Malware Tools: The sale of “Crypto Balance Checker 2026” and “ShadowRipper” indicates a robust market for tools designed to automate the theft and processing of cryptocurrency credentials.+1
- Ransom Operations: Actors such as vexin and duxy are actively using BreachForums to announce ransoms for organizations like Auvo (Brazil) and Mutualista Imbabura (Ecuador).+2
6. Conclusion
The cyber events of February 7, 2026, illustrate a pervasive threat to global data integrity. The high volume of government-related credential leaks suggests a coordinated effort to undermine public sector security in the MENA region. Simultaneously, the massive scale of PII leaks in Europe and the US highlights the ongoing vulnerability of large consumer databases.
The convergence of Initial Access sales and industrial control system (SCADA) breaches marks a dangerous trend where digital compromises can lead to physical operational disruptions. Organizations are advised to prioritize multi-factor authentication (MFA), audit RDP/VPN access, and enhance monitoring of dark web forums for leaked credentials.
Detected Incidents Draft Data
- Alleged leak of login credentials to the email service platform of UAEs Ministry of Interior
Category: Data Breach
Content: The group claims to have leaked the login credentials to the email service platform of the United Arab Emirates’ Ministry of Interior.
Date: 2026-02-07T23:54:07Z
Network: telegram
Published URL: https://t.me/c/1943303299/1060133
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/439f2323-9a37-4e97-b5d1-0bd9a362431d.png
Threat Actors: A K U L A v 2 . 2
Victim Country: UAE
Victim Industry: Government Administration
Victim Organization: ministry of interior
Victim Site: mail.moi.gov.ae - Alleged leak of login credentials to State Properties General Authority
Category: Data Breach
Content: The group claims to have leaked the login credentials to State Properties General Authority
Date: 2026-02-07T23:37:31Z
Network: telegram
Published URL: https://t.me/c/1943303299/1060458
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/925e4352-6900-4426-90e4-bdf154f335e5.png
Threat Actors: A K U L A v 2 . 2
Victim Country: Saudi Arabia
Victim Industry: Government Administration
Victim Organization: state properties general authority
Victim Site: spga.gov.sa - Alleged data breach of Polat Yol Yapi
Category: Data Breach
Content: The group claims to have breached the systems and leaked corporate files of Polat Yol Yapi in Turkey.
Date: 2026-02-07T22:55:07Z
Network: telegram
Published URL: https://t.me/c/3470684086/805
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/1e57a48e-4b27-4338-9a8d-65a1c117224a.png
https://d34iuop8pidsy8.cloudfront.net/da39ae8f-5e10-4129-8656-7b453ae63416.png
https://d34iuop8pidsy8.cloudfront.net/d6212f17-4f32-4736-a261-1794222f51b9.png
Threat Actors: RED EYES
Victim Country: Turkey
Victim Industry: Building and construction
Victim Organization: polat yol yapı san. ve tic. a.ş.
Victim Site: polatyol.com - Alleged Sale of Unauthorized RDP Access to an Unidentified Mining Company in Australia
Category: Initial Access
Content: Threat Actor claims to be selling unauthorized RDP access to an Australian corporate network operating in the Minerals & Mining sector. The access reportedly includes domain user privileges, with the organization allegedly generating approximately $35,000 in revenue.
Date: 2026-02-07T22:36:28Z
Network: openweb
Published URL: https://forum.exploit.biz/topic/275500/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/7e17836c-d5f6-4343-a4bf-0181c5a43497.png
Threat Actors: sudo
Victim Country: Australia
Victim Industry: Mining/Metals
Victim Organization: Unknown
Victim Site: Unknown - Alleged Sale of Unauthorized VPN Access to a Banking Institution in Iraq
Category: Initial Access
Content: Threat Actor claims to be selling unauthorized VPN access to a banking organization in Iraq.
Date: 2026-02-07T22:31:11Z
Network: openweb
Published URL: https://forum.exploit.biz/topic/275501/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/82771e58-49bb-44f8-98d3-c665f1a764bc.png
Threat Actors: sudo
Victim Country: Iraq
Victim Industry: Banking & Mortgage
Victim Organization: Unknown
Victim Site: Unknown - Alleged Data Leak of an Unidentified Retail Company in UK
Category: Data Breach
Content: Threat Actor claims to have leaked the database of an unidentified retail company in the UK. The dataset reportedly comes from a February 2026 breach and contains approximately 92,000 lead records, including full names, email addresses, phone numbers, and country information. Also, around 47,000 phone numbers and approximately 90,000 email addresses are unique.
Date: 2026-02-07T21:49:45Z
Network: openweb
Published URL: https://forum.exploit.biz/topic/275496/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/4856e933-fc0c-4877-8c78-05788a0aab04.png
Threat Actors: GeeksforGeeks
Victim Country: UK
Victim Industry: Retail Industry
Victim Organization: Unknown
Victim Site: Unknown - Alleged leak of login credentials to Investing.com
Category: Data Breach
Content: The group claims to have leaked the login credentials to Investing.com
Date: 2026-02-07T21:47:13Z
Network: telegram
Published URL: https://t.me/c/1943303299/1059881
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/52d1f014-bd7e-42de-b2cf-445b23c5e69d.png
Threat Actors: A K U L A v 2 . 2
Victim Country: Saudi Arabia
Victim Industry: Financial Services
Victim Organization: investing.com
Victim Site: sa.investing.com - Alleged data breach of Pemuda Pancasila e-KTA system
Category: Data Breach
Content: The group claims to have breached the e‑KTA system of Pemuda Pancasila and leaked member‑related data, including identification details and digital ID cards.
Date: 2026-02-07T21:10:57Z
Network: telegram
Published URL: https://t.me/TestiCincau2/81
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/374a13ca-932e-4dcc-94c2-20cb0d5d85d8.png
Threat Actors: TESTI CINCAU
Victim Country: Indonesia
Victim Industry: Non-profit & Social Organizations
Victim Organization: pemuda pancasila
Victim Site: pemuda-pancasila.or.id - Alleged Sale of Unauthorized Admin Access to a WordPress Shop in Germany
Category: Initial Access
Content: Threat Actor claims to be selling unauthorized admin access to a Germany-based WordPress e-commerce store, reporting approximately 16,216 total orders, including 640 in December, 660 in January, and 138 over the last 7 days. The store reportedly serves mainly German customers (80%) with the remaining 20% across the EU.
Date: 2026-02-07T21:03:24Z
Network: openweb
Published URL: https://forum.exploit.biz/topic/275495/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/f6547d40-9433-4d32-b334-08a64abd496c.png
Threat Actors: ParanoiaDe
Victim Country: Germany
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown - Alleged Sale of Hotel CRM Leads in USA
Category: Data Breach
Content: Threat Actor claims to have obtained access to a large hotel CRM system containing US based guest and booking leads, reportedly sourced from hotels and villas. The database allegedly includes approximately 480,000 guest records, with exposed data said to contain reservation prices, full names, email addresses, and phone numbers.
Date: 2026-02-07T21:00:37Z
Network: openweb
Published URL: https://forum.exploit.biz/topic/275493/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/3e6e4ef1-87ba-4f04-9be4-21ade1b148d4.png
Threat Actors: auroije
Victim Country: USA
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown - Alleged leak of login credentials to the email service platform of Ministry of Justice
Category: Data Breach
Content: The group claims to have leaked the login credentials to the email service platform of Ministry of Justice
Date: 2026-02-07T20:58:18Z
Network: telegram
Published URL: https://t.me/c/1943303299/1060123
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/9c673b07-fd8e-4ae2-b0c6-a892a74da790.png
Threat Actors: A K U L A v 2 . 2
Victim Country: Saudi Arabia
Victim Industry: Government Administration
Victim Organization: ministry of justice
Victim Site: mail.moj.gov.sa - Alleged sale of France business data
Category: Data Breach
Content: Threat actor clams to be selling 350,000 records of business B2B data from France.
Date: 2026-02-07T19:49:42Z
Network: openweb
Published URL: https://breachforums.bf/Thread-FRENCH-DATA-B2B-350k
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/2b306b10-6cde-4360-993b-2fc74a7480ef.png
Threat Actors: ANONIMOS48
Victim Country: France
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown - NOCTURNA 1553 targets the website of Admintree
Category: Defacement
Content: The group claims to have defaced the website of Admintree
Date: 2026-02-07T19:49:23Z
Network: telegram
Published URL: https://t.me/c/2490485755/19728
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/621015e2-2d06-4d5b-a396-641ba18019d6.png
Threat Actors: NOCTURNA 1553
Victim Country: UK
Victim Industry: Information Technology (IT) Services
Victim Organization: gram techologies limited.
Victim Site: admintree.co.uk - Alleged Sale of Ready LinkedIn Accounts
Category: Data Breach
Content: Threat Actor claims to be selling pre-configured ready LinkedIn accounts profiles. The accounts are provided in email:password format, with pricing based on the number of connections.
Date: 2026-02-07T18:54:06Z
Network: openweb
Published URL: https://forum.exploit.biz/topic/275482/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/a5e7289f-4f07-4960-8ee7-8b48d257c36d.png
Threat Actors: brad1.vaug1
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown - Alleged sale of French home owners data
Category: Data Breach
Content: Threat actor claims to be selling leaked French home owners data. The compromised data reportedly contains 555,000 records including name, address, phone number, etc
Date: 2026-02-07T18:22:08Z
Network: openweb
Published URL: https://breachforums.bf/Thread-france-data-home-owner-555k
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/b4e973d5-e7f2-4ed8-8bd0-9eeb47ada328.png
Threat Actors: ANONIMOS48
Victim Country: France
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown - Alleged data sale of TheKey (Ukraine)
Category: Data Breach
Content: Threat actor claims to be selling leaked Ukraine related database of TheKey, based in USA. The compromised data reportedly contains over 200,000 records including order no, customer name, customer phone number, customer email, etc.
Date: 2026-02-07T17:59:29Z
Network: openweb
Published URL: https://darkforums.me/Thread-Selling-Thekey-com-%F0%9F%87%BA%F0%9F%87%A6-UA-Database-2026
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/7e5a7f0f-1db5-454b-af50-b644b60945b4.png
Threat Actors: Databroque
Victim Country: Ukraine
Victim Industry: Hospital & Health Care
Victim Organization: thekey
Victim Site: thekey.com - Alleged Sale of Unauthorized Admin Access to a WordPress Shop in Spain
Category: Initial Access
Content: Threat Actor claims to be selling unauthorized admin access to a WordPress shop in Spain.
Date: 2026-02-07T17:39:06Z
Network: openweb
Published URL: https://forum.exploit.biz/topic/275481/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/3d2f790e-22d2-41c9-a31a-cc7130a7f29a.png
Threat Actors: Shopify
Victim Country: Spain
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown - Alleged Unauthorized Access to SCADA System in Spain
Category: Initial Access
Content: The group claims to have gained unauthorized access to an unidentified SCADA system in Spain, reportedly manipulate pumps, valves, and blower controls, which may cause operational instability and potential safety and environmental risks.
Date: 2026-02-07T17:27:58Z
Network: telegram
Published URL: https://t.me/zpentestalliance/1052
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/64af6f31-5523-4119-9dbb-817e8eec4d11.png
https://d34iuop8pidsy8.cloudfront.net/a2c82673-eb75-4a7e-bd93-f5408ad0e3d3.png
https://d34iuop8pidsy8.cloudfront.net/644eac04-f735-4063-ab12-bd3477ef8b03.png
Threat Actors: Z-PENTEST ALLIANCE
Victim Country: Spain
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown - Alleged data sale of Beauty Depot
Category: Data Breach
Content: Threat actor claims to be selling leaked data from Beauty Deport, Israel, the compromised data reportedly contains around 6,000 records, including first and last names, phone numbers, email addresses, residential addresses, zip codes, etc.
Date: 2026-02-07T17:17:33Z
Network: openweb
Published URL: https://darkforums.me/Thread-Selling-6k-Israel-Citizens-Personal-Identity-https-beautydepot-co-il
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/c2ead003-1959-416e-9a54-818459027360.png
Threat Actors: Krypr
Victim Country: Israel
Victim Industry: E-commerce & Online Stores
Victim Organization: beauty depot
Victim Site: beautydepot.co.il - Alleged data breach of Bangladesh Geographic Information System
Category: Data Breach
Content: Threat actor claims to have breached data from Bangladesh Geographic Information System, reportedly exposing 708,000 records of data.
Date: 2026-02-07T16:32:02Z
Network: openweb
Published URL: https://breachforums.bf/Thread-DATABASE-www-gis-gov-bd
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/045806f8-0555-4468-b287-d05014cade86.png
Threat Actors: HXH_HAYXHACKER
Victim Country: Bangladesh
Victim Industry: Government Relations
Victim Organization: bangladesh geographic information system
Victim Site: gis.gov.bd - NOCTURNA 1553 targets the website of KBW Group
Category: Defacement
Content: The group claims to have defaced the website of KBW Group
Date: 2026-02-07T16:13:21Z
Network: telegram
Published URL: https://t.me/c/2490485755/19725
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/12f3f259-55c8-491e-883c-352c8909a229.png
Threat Actors: NOCTURNA 1553
Victim Country: Singapore
Victim Industry: Accounting
Victim Organization: kbw group
Victim Site: kbw.com.sg - Alleged sale of shell access to unidentified organization in iran
Category: Initial Access
Content: Threat actor claims to be selling unauthorized shell access to an unidentified organization in Iran
Date: 2026-02-07T14:52:02Z
Network: openweb
Published URL: https://forum.exploit.in/topic/275462/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/7a0e3045-ea75-49e4-b89a-b8fb82519585.png
Threat Actors: Saturned33
Victim Country: Iran
Victim Industry: Chemical Manufacturing
Victim Organization: Unknown
Victim Site: Unknown - Alleged Sale of Crypto Balance Checker 2026
Category: Malware
Content: The threat actor claims to be offering a tool named Crypto Balance Checker 2026, allegedly designed to check cryptocurrency wallet balances across multiple blockchain networks from a single interface. According to the post, the Windows-based software supports inputs such as seed phrases, private keys, and wallet-derived addresses to scan for available balances. The actor further claims the tool enables high-speed scanning, exportable results, and a user-friendly interface aimed at efficiency. Supported blockchains are said to include major networks such as Bitcoin, Ethereum, BNB Chain, Solana, Polygon, Avalanche, and others.
Date: 2026-02-07T14:48:44Z
Network: openweb
Published URL: https://breachforums.bf/Thread-SELLING-Crypto-Balance-Checker-2026
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/af5f95f7-b337-4d2f-ae71-32c6f5183a29.jpg
Threat Actors: theranox
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown - Alleged Sale of Administrative Access to a Major International Sportsbook Platform
Category: Initial Access
Content: The threat actor claims to be offering administrative-level access to a major international sportsbook platform. The compromised master portal reportedly manages over 90,000 active agent websites operating across Asia and other global markets. The actor alleges that the access includes full transaction histories, sensitive financial data, back-end and back-office credentials, and comprehensive API documentation for agent and casino integrations. Additionally, the seller claims to have the ability to automatically credit agent and master agent accounts, potentially enabling large-scale financial abuse.
Date: 2026-02-07T14:42:26Z
Network: openweb
Published URL: https://breachforums.bf/Thread-For-sale-Admin-access-to-a-major-international-sportsbook-platform
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/65de732e-bee0-4a54-9731-55bb16b20c41.jpg
Threat Actors: taking0ver
Victim Country: Unknown
Victim Industry: Sports
Victim Organization: Unknown
Victim Site: Unknown - Alleged sale of shell access to unidentified Maritime Logistics company in Egypt
Category: Initial Access
Content: Threat actor claims to be selling unauthorized shell access to an unidentified Maritime Logistics company in Egypt.
Date: 2026-02-07T14:41:54Z
Network: openweb
Published URL: https://forum.exploit.in/topic/275468/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/5a3a99e1-d700-434d-966e-21ca26f0ced8.png
Threat Actors: Saturned33
Victim Country: Egypt
Victim Industry: Transportation & Logistics
Victim Organization: Unknown
Victim Site: Unknown - Alleged sale of shell access to unidentified Private Clinics company in Venezuela
Category: Initial Access
Content: Threat actor claims to be selling unauthorized shell access to an unidentified Private Clinics company in Venezuela.
Date: 2026-02-07T14:40:50Z
Network: openweb
Published URL: https://forum.exploit.in/topic/275466/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/eac3ff10-3b27-46de-9a0c-2aea9b52f8fb.png
Threat Actors: Saturned33
Victim Country: Venezuela
Victim Industry: Hospital & Health Care
Victim Organization: Unknown
Victim Site: Unknown - Alleged data breach of Serasa Experian
Category: Data Breach
Content: The threat actor claims to have breached 14.1 GB of data from Serasa Experian, allegedly including CPF (Brazilian tax ID), Full name, Gender and Date of birth
Date: 2026-02-07T14:37:31Z
Network: openweb
Published URL: https://darkforums.me/Thread-Serasa-Experian-Brazil
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/cac9bf13-c2d5-4495-8d4e-c190b6fe7b25.JPG
Threat Actors: Kirigaya
Victim Country: Brazil
Victim Industry: Information Technology (IT) Services
Victim Organization: serasa experian
Victim Site: serasaexperian.com.br - Alleged sale of shell access to unidentified Fintech company in iran
Category: Initial Access
Content: Threat actor claims to be selling unauthorized shell access to an unidentified Fintech company in iran
Date: 2026-02-07T14:33:22Z
Network: openweb
Published URL: https://forum.exploit.in/topic/275469/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/0396933f-f474-4366-a85c-320d8aabe173.png
Threat Actors: Saturned33
Victim Country: Iran
Victim Industry: Financial Services
Victim Organization: Unknown
Victim Site: Unknown - Alleged leak of Rustafied Combo list
Category: Combo List
Content: The threat actor claims to have leaked combo list of Rustafied
Date: 2026-02-07T14:20:12Z
Network: openweb
Published URL: https://breachforums.bf/Thread-Rustafied-com-Combolist
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/6f598ea9-c5b7-4b06-b198-477ee1b3424f.JPG
Threat Actors: mazer
Victim Country: USA
Victim Industry: Information Technology (IT) Services
Victim Organization: rustafied
Victim Site: rustafied.com - Z-BL4CX-H4T.ID targets the website of Pusat Sosial Ekonomi dan Kebijakan Pertanian
Category: Defacement
Content: The group claims to have defaced the website of Pusat Sosial Ekonomi dan Kebijakan Pertanian.
Date: 2026-02-07T14:12:45Z
Network: telegram
Published URL: https://t.me/z_bl4cx_h4t_id/59
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/3b42f85f-fb98-44dd-9895-d23344ecf2ef.png
Threat Actors: Z-BL4CX-H4T.ID
Victim Country: Indonesia
Victim Industry: Government Administration
Victim Organization: pusat sosial ekonomi dan kebijakan pertanian
Victim Site: psekp.setjen.pertanian.go.id - Alleged Data Leak of Jeffrey Epstein files
Category: Data Breach
Content: The threat actor claims to have leaked an alleged “Jeffrey Epstein client passwords” list.
Date: 2026-02-07T14:07:26Z
Network: openweb
Published URL: https://leakbase.la/threads/jeffrey-epstein-client-passwords-list.48772/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/d946090f-aaeb-4a03-9ed1-9ade28edf4ab.png
Threat Actors: USDT
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown - Alleged data breach of Istanbul University
Category: Data Breach
Content: The group claims to have breached 141.1 MB of data from Istanbul University , allegedly including personal data, names and result of students.
Date: 2026-02-07T14:02:58Z
Network: telegram
Published URL: https://t.me/c/3470684086/765
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/aee22fd2-21c7-412d-9833-1647dbc541ba.JPG
Threat Actors: RED EYES
Victim Country: Turkey
Victim Industry: Education
Victim Organization: istanbul university
Victim Site: istanbul.edu.tr - Alleged data leak of Turkish citizens ID
Category: Data Breach
Content: The group claims to have leaked photos and IDs of Turkish citizens
Date: 2026-02-07T13:55:09Z
Network: telegram
Published URL: https://t.me/c/3470684086/757
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/a2635eeb-8355-4208-b1a1-6fe5d2e8c169.JPG
Threat Actors: RED EYES
Victim Country: Turkey
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown - Alleged leak of Turkish Refugees Database
Category: Data Breach
Content: The group claims to have leaked a Turkish refugees database. The compromised data reportedly includes name, ID number, surname, mother’s name, father’s name, gender, and additional information.
Date: 2026-02-07T13:52:30Z
Network: telegram
Published URL: https://t.me/c/3470684086/825
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/3c75e895-fe8f-4fbd-9a27-41af3af3b067.png
Threat Actors: RED EYES
Victim Country: Turkey
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown - Alleged data breach of Matomo
Category: Data Breach
Content: The threat actor claims to have leaked data from Matomo. The compromised data reportedly contains 13,523 records.
Date: 2026-02-07T13:48:05Z
Network: openweb
Published URL: https://darkforums.me/Thread-matomo-org
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/551cfd0f-7233-4274-b67d-ca5d19454f45.png
Threat Actors: Kirigaya
Victim Country: New Zealand
Victim Industry: Software Development
Victim Organization: matomo
Victim Site: matomo.org - Alleged leak of Turkish personal photos
Category: Data Breach
Content: The group claims to have leaked Turkish personal photos from a Turkish server.
Date: 2026-02-07T13:41:08Z
Network: telegram
Published URL: https://t.me/c/3470684086/757
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/29c4350a-6d0e-477d-9102-5fe93ac0bd49.png
Threat Actors: RED EYES
Victim Country: Turkey
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown - Alleged leak of Turkish police database
Category: Data Breach
Content: The group claims to have leaked a Turkish police database containing information for all cities, allegedly including comprehensive records.
Date: 2026-02-07T13:37:40Z
Network: telegram
Published URL: https://t.me/c/3470684086/767
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/2b1b5d41-1670-4da4-9aa1-054d326929f2.png
https://d34iuop8pidsy8.cloudfront.net/bcc68a7e-174a-43c5-a714-dab37e57432b.png
Threat Actors: RED EYES
Victim Country: Turkey
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown - Alleged data leak of Turkish citizens
Category: Data Breach
Content: The group claims to have leaked names and phone numbers of Turkish citizens
Date: 2026-02-07T13:35:03Z
Network: telegram
Published URL: https://t.me/c/3470684086/763
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/26e814cb-d3cc-4dc9-bf13-6e0fd7ca4a27.JPG
Threat Actors: RED EYES
Victim Country: Turkey
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown - Alleged Data Breach of CetteFamille
Category: Data Breach
Content: The threat actor claims to have leaked 41 GB of data from CetteFamille. The compromised data reportedly contains 333,417 documents covering the period from 2020 to 2026, as well as information related to 12,711 coordinators, including email addresses, names, first names, entry and exit dates, account activation status, and Salesforce account details.
Date: 2026-02-07T13:31:14Z
Network: openweb
Published URL: https://breachforums.bf/Thread-SELLING-FR-CetteFamille-330K-Documents
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/8f050db7-b3f5-4ec2-b5d9-f9b24d7a633f.png
Threat Actors: HexDex
Victim Country: France
Victim Industry: Individual & Family Services
Victim Organization: cettefamille
Victim Site: cettefamille.com - Alleged database leak of University students in Turkey
Category: Data Breach
Content: The group claims to have leaked a database containing university student data from Turkey.
Date: 2026-02-07T13:31:11Z
Network: telegram
Published URL: https://t.me/c/3470684086/764
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/ee1bb2f7-a58d-4699-993d-4828a10a1527.png
Threat Actors: RED EYES
Victim Country: Turkey
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown - Alleged data leak of Satellite in turkey
Category: Data Breach
Content: The group claims to have leaked data from a satellite in Turkey.
Date: 2026-02-07T13:27:17Z
Network: telegram
Published URL: https://t.me/c/3470684086/764
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/c207ebd6-72e2-4fc4-b1da-09750c6da276.png
Threat Actors: RED EYES
Victim Country: Turkey
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown - Alleged data breach of Opusplus Mobile Technology Co., Ltd.
Category: Data Breach
Content: The threat actor claims to be leaked data from Opusplus Mobile Technology Co., Ltd.
Date: 2026-02-07T13:27:04Z
Network: openweb
Published URL: https://darkforums.me/Thread-DATABASE-myneighbor-com-tw
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/6cd02beb-0aa1-42ce-831a-648f9e9b4626.jpg
Threat Actors: Kirigaya
Victim Country: Taiwan
Victim Industry: Information Technology (IT) Services
Victim Organization: opusplus mobile technology co., ltd.
Victim Site: myneighbor.com.tw - Alleged data leak of Turkey
Category: Data Breach
Content: The group claims to have leaked passwords and email addresses in Turkey.
Date: 2026-02-07T13:18:56Z
Network: telegram
Published URL: https://t.me/c/3470684086/764
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/dac35082-1662-440b-a487-ab2a6b14bb60.png
Threat Actors: RED EYES
Victim Country: Turkey
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown - Alleged data sale of France Database
Category: Data Breach
Content: The threat actor claims to be selling 421.638 rows of France Database, allegedly including id,user_id,username,email,first_name,last_name,password and more.
Date: 2026-02-07T13:07:29Z
Network: openweb
Published URL: https://breachforums.bf/Thread-SELLING-France-Database-421-6k
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/396c13ad-2c25-4c49-b0d9-94ccb656e719.JPG
Threat Actors: temporary
Victim Country: France
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown - Alleged data leak of Near East University
Category: Data Breach
Content: Group claims to have leaked data from Near East University. The compromised data reportedly contains personal information, photos and CV documents.
Date: 2026-02-07T13:00:59Z
Network: telegram
Published URL: https://t.me/c/3470684086/757
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/dc1cc821-c31e-42ca-9056-a0cb905c23c7.png
Threat Actors: RED EYES
Victim Country: Turkey
Victim Industry: Education
Victim Organization: near east university
Victim Site: neu.edu.tr - Alleged Unauthorized Access to a inohom Smart Home Systems in Turkey
Category: Initial Access
Content: The group claims to have accessed a unidentified inohom Smart Home Systems in Turkey.
Date: 2026-02-07T12:56:57Z
Network: telegram
Published URL: https://t.me/c/2705921599/176
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/8a4580ca-1b3d-4c3d-a8bd-5a2462792362.jpg
Threat Actors: Sy-Root
Victim Country: Turkey
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown - Alleged Data Breach of Tech Twitter
Category: Data Breach
Content: The threat actor claims to have breached 1.000 data from Tech Twitter. The compromised data reportedly includes ID, Twitter user ID, handle, name, bio, avatar URL, banner URL, and additional information.
Date: 2026-02-07T12:41:23Z
Network: openweb
Published URL: https://breachforums.bf/Thread-DATABASE-techtwitter-com
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/9fa234a7-630c-4c9e-be87-2d8f87a49f18.png
Threat Actors: p0ppin
Victim Country: Unknown
Victim Industry: Information Technology (IT) Services
Victim Organization: tech twitter
Victim Site: techtwitter.com - Alleged data sale of POCOMOS
Category: Data Breach
Content: The threat actor claims to be selling 19.000 rows of data from POCOMOS, allegedly including id,name,phone,primary_email,address,zip,status and more.
Date: 2026-02-07T12:38:25Z
Network: openweb
Published URL: https://breachforums.bf/Thread-SELLING-pocomos-com-19k
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/aeb94dc0-2a97-42e9-bd56-808b4e2dba7b.JPG
Threat Actors: p0ppin
Victim Country: USA
Victim Industry: Software
Victim Organization: pocomos
Victim Site: pocomos.com - Alleged data breach of Cashpoint
Category: Data Breach
Content: The threat actor claims to have breached 5.3 GB of records from Cashpoint.
Date: 2026-02-07T12:30:58Z
Network: openweb
Published URL: https://breachforums.bf/Thread-DATABASE-CashPoint-ua-Data-Breach-5-3%C2%A0GB-Leaked-Download
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/53ea572a-5bea-4923-9f31-d564e347c5ef.png
Threat Actors: CHONG
Victim Country: Ukraine
Victim Industry: Financial Services
Victim Organization: cashpoint
Victim Site: cashpoint.ua - Alleged data breach of Clypboard
Category: Data Breach
Content: The threat actor claims to be in possession of an alleged database belonging to Clypboard. The exposed data allegedly contains around 6,000 records, including customer and user details such as names, email addresses, phone numbers, and location information. The actor further claims that the dataset includes billing-related fields, contract details, and internal operational metadata extracted from the platform.
Date: 2026-02-07T12:28:25Z
Network: openweb
Published URL: https://breachforums.bf/Thread-DATABASE-clypboard-com
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/1a436397-8fa6-4156-a217-231c41383d11.jpg
Threat Actors: p0ppin
Victim Country: USA
Victim Industry: Software
Victim Organization: clypboard
Victim Site: clypboard.com - Alleged data breach of Eurotech, Inc.
Category: Data Breach
Content: The threat actor claims to have breached 28.000 rows of data from Eurotech, Inc., allegedly including id,customer_name,contract_start_date,phone_number and more.
Date: 2026-02-07T12:25:09Z
Network: openweb
Published URL: https://breachforums.bf/Thread-DATABASE-eurotechinc-net-28k
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/011009af-2d56-46df-a1dc-0749dd13bc51.JPG
Threat Actors: p0ppin
Victim Country: USA
Victim Industry: Architecture & Planning
Victim Organization: eurotech, inc.
Victim Site: eurotechinc.net - Alleged leak of login credentials to National Unified Access system
Category: Data Breach
Content: The group claims to have leaked login credentials to National Unified Access system
Date: 2026-02-07T12:10:22Z
Network: telegram
Published URL: https://t.me/c/1943303299/1059064
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/f5031268-fe0b-4d21-ad41-fda379ad78c7.JPG
Threat Actors: A K U L A v 2 . 2
Victim Country: Saudi Arabia
Victim Industry: Government Administration
Victim Organization: national unified access system
Victim Site: iam.gov.sa - Alleged data breach of Southern Illinois Dermatology
Category: Data Breach
Content: Threat actor claims to have leaked sensitive data from Southern Illinois Dermatology
Date: 2026-02-07T11:28:10Z
Network: tor
Published URL: http://i62huw7ve22rpyw6lnq3kmfump2dmsg4xpveec3ere73njwatrz74gad.onion/Company/SouthernIllinoisDermatology/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/4161028c-5149-4470-83a8-ca498a40910d.JPG
Threat Actors: INSOMNIA
Victim Country: USA
Victim Industry: Hospital & Health Care
Victim Organization: southern illinois dermatology
Victim Site: siderm.com - Alleged data breach of Optimum Health Institute
Category: Data Breach
Content: The threat actor claims to be in possession of sensitive internal data allegedly belonging to Optimum Health Institute. The exposed data includes internal documents, employee-related records, and financial or administrative files.
Date: 2026-02-07T11:15:55Z
Network: tor
Published URL: https://i62huw7ve22rpyw6lnq3kmfump2dmsg4xpveec3ere73njwatrz74gad.onion/Company/OHI/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/1a4d3850-6e39-4fae-8066-302fa2c7570a.jpg
Threat Actors: INSOMNIA
Victim Country: USA
Victim Industry: Hospital & Health Care
Victim Organization: optimum health institute
Victim Site: optimumhealth.org - Alleged data breach of Parts Life, Inc.
Category: Data Breach
Content: Threat actor claims to have leaked sensitive data from Parts Life, Inc.
Date: 2026-02-07T11:10:30Z
Network: tor
Published URL: http://i62huw7ve22rpyw6lnq3kmfump2dmsg4xpveec3ere73njwatrz74gad.onion/Company/PartsLife/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/8bf4eeac-90e7-4c42-92a6-ce3ab8f4cf5d.JPG
Threat Actors: INSOMNIA
Victim Country: USA
Victim Industry: Defense & Space
Victim Organization: parts life, inc.
Victim Site: partslifeinc.com - Alleged sale of 300 USA CC
Category: Data Breach
Content: The threat actor is offering to sell 300 USA CC data in a cybercrime forum.
Date: 2026-02-07T10:55:06Z
Network: openweb
Published URL: https://forum.exploit.in/topic/275445/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/92e9ae77-1f3b-4536-8a9f-2163ed2cfa49.png
Threat Actors: Billiona1re
Victim Country: USA
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown - Alleged data breach of Cepu Education Group
Category: Data Breach
Content: The threat actor claims to have breached the data of Cepu Education Group
Date: 2026-02-07T10:22:04Z
Network: openweb
Published URL: https://breachforums.bf/Thread-Italian-Schools-Database-CEPU-and-Grandi-Scuole
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/88e266d3-847f-48a9-9bd7-a89128f96309.JPG
Threat Actors: littlestjeff1
Victim Country: Italy
Victim Industry: Education
Victim Organization: cepu education group
Victim Site: cepugroup.com - Alleged data breach of Grandi Scuole
Category: Data Breach
Content: The threat actor claims to have breached the data of Grandi Scuole
Date: 2026-02-07T10:12:00Z
Network: openweb
Published URL: http://breachforums.bf/Thread-Italian-Schools-Database-CEPU-and-Grandi-Scuole
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/d51662ea-53fd-43aa-b54f-2eb194f5d32f.JPG
Threat Actors: littlestjeff1
Victim Country: Italy
Victim Industry: Education
Victim Organization: grandi scuole
Victim Site: grandiscuole.it - BABAYO EROR SYSTEM targets the website of uprafi5.upriseindia.site
Category: Defacement
Content: The Group claims to have defaced the website of uprafi5.upriseindia.site.
Date: 2026-02-07T09:18:04Z
Network: telegram
Published URL: https://t.me/c/3664625363/177
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/a7d27477-1c2d-4a72-a5c4-acbf9a88033e.png
Threat Actors: BABAYO EROR SYSTEM
Victim Country: India
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: uprafi5.upriseindia.site - BABAYO EROR SYSTEM targets the website of WEB WORLD
Category: Defacement
Content: The Group claims to have defaced the website of WEB WORLD.
Date: 2026-02-07T09:11:27Z
Network: telegram
Published URL: https://t.me/c/3664625363/177
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/81ebf365-2147-46a2-bcb1-6e3f38f22eb6.png
Threat Actors: BABAYO EROR SYSTEM
Victim Country: Bangladesh
Victim Industry: Information Technology (IT) Services
Victim Organization: web world
Victim Site: webworld.com.bd - BABAYO EROR SYSTEM targets the website of nizam.attcpdm.xyz
Category: Defacement
Content: The group claims to have defaced the website of nizam.attcpdm.xyz
Date: 2026-02-07T08:16:12Z
Network: telegram
Published URL: https://t.me/c/3664625363/177//
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/de43525b-8215-4f9b-bc90-fc1d0d9dd6d1.png
Threat Actors: BABAYO EROR SYSTEM
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: nizam.attcpdm.xyz - BABAYO EROR SYSTEM targets the website of kedaioya.mysipo.web.id
Category: Defacement
Content: The Group claims to have defaced the website of kedaioya.mysipo.web.id
Date: 2026-02-07T08:15:07Z
Network: telegram
Published URL: https://t.me/c/3664625363/177
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/6f8fe37c-0056-4c0d-8d72-18f62ee0c09d.png
https://d34iuop8pidsy8.cloudfront.net/c8dfabac-d7cc-4285-95dc-87937f2d1324.png
Threat Actors: BABAYO EROR SYSTEM
Victim Country: Indonesia
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: kedaioya.mysipo.web.id - BABAYO EROR SYSTEM targets the website of attcpdm.xyz
Category: Defacement
Content: The group claims to have defaced the website of attcpdm.xyz
Date: 2026-02-07T08:00:19Z
Network: telegram
Published URL: https://t.me/c/3664625363/177
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/faede6b3-7dc2-47c2-a9ea-f687b4748736.JPG
Threat Actors: BABAYO EROR SYSTEM
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: sonaly.attcpdm.xyz - BABAYO EROR SYSTEM targets the website of Cyber Hosting
Category: Defacement
Content: The group claims to have defaced the website of Cyber Hosting
Date: 2026-02-07T07:55:28Z
Network: telegram
Published URL: https://t.me/c/3664625363/177
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/eaa441e0-4795-4e8a-9570-39f1364a1a85.JPG
Threat Actors: BABAYO EROR SYSTEM
Victim Country: Turkey
Victim Industry: Information Technology (IT) Services
Victim Organization: cyber hosting
Victim Site: ewdila47.siberhosting.com - Cyber Attack Hits Tulare City School District
Category: Cyber Attack
Content: Tulare City Schools in California experienced a network security incident that disrupted its systems and forced the district to take affected networks offline while investigating the issue; officials confirmed that they engaged cybersecurity specialists to assess the situation, notified law enforcement, and began recovery efforts, although details about the nature of the breach and the extent of data compromise were not publicly disclosed at the time of reporting, and the district urged parents and staff that operations and communication services might remain impacted as they worked to restore full functionality.
Date: 2026-02-07T07:52:58Z
Network: openweb
Published URL: https://dysruptionhub.com/tulare-city-schools-network-incident-ca/
Screenshots:
None
Threat Actors: Unknown
Victim Country: USA
Victim Industry: Education
Victim Organization: tulare city school district
Victim Site: tcsdk8.org - Alleged Data Breach of Fédération Française de Tennis de Table
Category: Data Breach
Content: The threat actor claims to be leaked data from Fédération Française de Tennis de Table. The compromised data reportedly contain 2,743,627 records including First and last names, Dates of birth, Email addresses, Residential address, Phone numbers, Gender identifiersNote: This organization was previously breached on September 2025
Date: 2026-02-07T07:16:54Z
Network: openweb
Published URL: https://breachforums.bf/Thread-SELLING-FR-2M-F%C3%A9d%C3%A9ration-Fran%C3%A7aise-de-Tennis-de-Table
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/67facaaa-d0a1-4778-bcf8-7c0892443aca.png
Threat Actors: HexDex
Victim Country: France
Victim Industry: Sports
Victim Organization: fédération française de tennis de table
Victim Site: fftt.com - Alleged Data Breach of Avelo Airlines
Category: Data Breach
Content: Threat actor claims to be selling internal maintenance documentation related to Avelo Airlines aircraft N466WN. The dataset allegedly consists of ~36 GB of aviation maintenance records dated 2006–November 2022, including FAA conformity files, ATA service bulletins, C-check records, airworthiness logs, task cards, NCRs, and photos
Date: 2026-02-07T06:40:09Z
Network: openweb
Published URL: https://forum.exploit.in/topic/275438/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/e4ae52fc-1b65-4dda-a9ef-fcca11e1e467.png
https://d34iuop8pidsy8.cloudfront.net/94a38bc9-5f17-4875-ad1d-fe292581acd8.png
https://d34iuop8pidsy8.cloudfront.net/ffd4f336-f7ce-416f-88f4-7d42c7a708e8.png
Threat Actors: zestix
Victim Country: USA
Victim Industry: Airlines & Aviation
Victim Organization: avelo airlines
Victim Site: aveloair.com - BABAYO EROR SYSTEM targets the website of Namaai Group
Category: Defacement
Content: The group claims to have defaced the website of Namaai Group.
Date: 2026-02-07T06:39:26Z
Network: telegram
Published URL: https://t.me/c/3664625363/177
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/84776b22-98a5-4ab3-9aa0-3b0a2ec852bb.png
https://d34iuop8pidsy8.cloudfront.net/fd5c01ec-6167-458c-b5cc-349bdebf91ff.png
Threat Actors: BABAYO EROR SYSTEM
Victim Country: Kenya
Victim Industry: Transportation & Logistics
Victim Organization: namaai group
Victim Site: whatsapp.namaaigroup.co.ke - BABAYO EROR SYSTEM targets the website of J.C. Brent
Category: Defacement
Content: The group claims to have defaced the website of J.C. Brent
Date: 2026-02-07T06:39:05Z
Network: telegram
Published URL: https://t.me/c/3664625363/177
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/87e831e4-6f3f-4155-bf19-54d5e68e12c3.png
https://d34iuop8pidsy8.cloudfront.net/fefbf46e-4b02-4b50-96c0-8a81f23b98a9.png
Threat Actors: BABAYO EROR SYSTEM
Victim Country: UK
Victim Industry: Transportation & Logistics
Victim Organization: j.c. brent
Victim Site: wings.jcbrent.com - Alleged data leak of Japan real estate
Category: Data Breach
Content: Threat actor claims to have leaked data from a real estate company in Japan.
Date: 2026-02-07T06:32:48Z
Network: openweb
Published URL: https://leakbase.la/threads/japan-real-estate.48755/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/bc1f5fb5-574a-4313-abf7-1af894b2bb81.png
Threat Actors: jxq09
Victim Country: Japan
Victim Industry: Real Estate
Victim Organization: Unknown
Victim Site: Unknown - Alleged data leak of Chinese database
Category: Data Breach
Content: Threat actor claims to have leaked database from China.
Date: 2026-02-07T06:24:24Z
Network: openweb
Published URL: https://leakbase.la/threads/biggest-china-databases.48753/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/077e7bfc-2d31-4436-ad42-5c7a8cbe42cb.png
Threat Actors: mr_x1
Victim Country: China
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown - Alleged leak of login credentials to AllJobs
Category: Data Breach
Content: The group claims to have leaked login credentials to AllJobs
Date: 2026-02-07T06:17:35Z
Network: telegram
Published URL: https://t.me/c/1943303299/1058617
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/6d71f296-3837-40eb-b593-8dae2bfceb6e.png
Threat Actors: A K U L A v 2 . 2
Victim Country: Israel
Victim Industry: Staffing/Recruiting
Victim Organization: alljobs
Victim Site: alljobs.co.il - Alleged leak of Real Estate Data From Canada
Category: Data Breach
Content: The threat actor claims to be leaked Real Estate Company Data From Canada ,the compromised data reportedly contain 11,000 records
Date: 2026-02-07T06:16:42Z
Network: openweb
Published URL: https://breachforums.bf/Thread-DATABASE-11k-Canada-Real-Estate
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/b6f51718-afb1-4451-be06-30b1c70c18ff.png
Threat Actors: Sythe
Victim Country: Canada
Victim Industry: Real Estate
Victim Organization: Unknown
Victim Site: Unknown - Alleged data leak in USA
Category: Data Breach
Content: Threat actor claims to have leaked 2.7 million data from USA.
Date: 2026-02-07T06:13:00Z
Network: openweb
Published URL: https://leakbase.la/threads/2-7-billion-usa-ssn-database-2026.48756/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/04c3b2d2-846e-469c-af76-c4cbfee529ef.png
Threat Actors: Pijush507
Victim Country: USA
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown - Alleged Data Breach of Auvo
Category: Data Breach
Content: The threat actor claims to have compromised 372.78 GB of data from Auvo, The leaked information is said to includes Purchasing and procurement records, Supplier and vendor documentation, Purchase orders, quotations, and pricing negotiations, Financial transaction confirmations, Messaging and chat exported media. The actor is demanding ransom and intends to publish the data.
Date: 2026-02-07T05:55:21Z
Network: openweb
Published URL: https://breachforums.cz/index.php?threads/auvo-com-ransom.337/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/3c07a713-5b48-4180-8afa-093163459c99.png
Threat Actors: vexin
Victim Country: Brazil
Victim Industry: Software Development
Victim Organization: auvo
Victim Site: auvo.com - Alleged leak of login credentials to International Technical Colleges (ITC)
Category: Data Breach
Content: The group claims to have leaked login credentials to International Technical Colleges (ITC)
Date: 2026-02-07T05:54:42Z
Network: telegram
Published URL: https://t.me/c/1943303299/1058616
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/6a4723c0-f603-412a-9929-97d190112dc7.png
Threat Actors: A K U L A v 2 . 2
Victim Country: Saudi Arabia
Victim Industry: Education
Victim Organization: international technical colleges (itc)
Victim Site: ic.coe.com.sa - Alleged Data Breach of W. L. Butler
Category: Data Breach
Content: Threat actor claims to be selling a large USA business database in CSV format, allegedly containing approximately 9.1 million records. The dataset reportedly includes business names, categories, email addresses, phone numbers, physical addresses, city, state, postal codes, and associated website and social media links.
Date: 2026-02-07T05:39:36Z
Network: openweb
Published URL: https://leakbase.la/threads/usa-businesss-database.48752/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/c139c9f8-7800-466e-aeaf-71cd486337d7.png
Threat Actors: PixelPhreak
Victim Country: USA
Victim Industry: Building and construction
Victim Organization: w. l. butler
Victim Site: wlbutler.com - Alleged leak of login credentials to Iraqi Bar Association
Category: Data Breach
Content: The group claims to have leaked login credentials to Iraqi Bar Association.
Date: 2026-02-07T05:29:06Z
Network: telegram
Published URL: https://t.me/c/1943303299/1058563
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/f8a84b76-1b36-4098-ab89-0993f5cc8069.png
Threat Actors: A K U L A v 2 . 2
Victim Country: Iraq
Victim Industry: Legal Services
Victim Organization: iraqi bar association
Victim Site: lawyers.gov.iq - Alleged leak of login credentials to Iraqi Engineers Union
Category: Data Breach
Content: The group claims to have leaked login credentials to Iraqi Engineers Union
Date: 2026-02-07T05:27:38Z
Network: telegram
Published URL: https://t.me/c/1943303299/1058581
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/59239713-9a1c-494f-9c16-f25728bd2f87.png
Threat Actors: A K U L A v 2 . 2
Victim Country: Iraq
Victim Industry: Civic & Social Organization
Victim Organization: iraqi engineers union
Victim Site: ieu-iq.org - Alleged leak of login credentials to Iraqi Journalists Syndicate
Category: Data Breach
Content: The group claims to have leaked login credentials to Iraqi Journalists Syndicate.
Date: 2026-02-07T05:26:23Z
Network: telegram
Published URL: https://t.me/c/1943303299/1058559
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/a451df8d-f99d-4cd6-948e-749182b18d72.png
Threat Actors: A K U L A v 2 . 2
Victim Country: Iraq
Victim Industry: Newspapers & Journalism
Victim Organization: iraqi journalists syndicate
Victim Site: iraqijs.org - Alleged leak of login credentials to Godping
Category: Data Breach
Content: The group claims to have leaked login credentials to Godping.
Date: 2026-02-07T05:21:30Z
Network: telegram
Published URL: https://t.me/c/1943303299/1058555
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/214b1b67-32ec-4c8b-85eb-9076ed6a7127.png
Threat Actors: A K U L A v 2 . 2
Victim Country: Iran
Victim Industry: Gaming
Victim Organization: godping
Victim Site: godping.ir - Alleged leak of login credentials to ElitePing
Category: Data Breach
Content: The group claims to have leaked login credentials to ElitePing.
Date: 2026-02-07T05:08:06Z
Network: telegram
Published URL: https://t.me/c/1943303299/1058577
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/99168611-9bb8-4a5d-a859-a6566e69889b.png
Threat Actors: A K U L A v 2 . 2
Victim Country: Iran
Victim Industry: Gaming
Victim Organization: eliteping
Victim Site: eliteping.ir - Alleged Data Sale of Safe Home Security Inc
Category: Data Breach
Content: The threat actor claims to be selling the database of Safe Home Security Inc, the dataset contains extremely sensitive records, including multimedia files and confidential security-related documentation.
Date: 2026-02-07T03:52:46Z
Network: openweb
Published URL: https://breachforums.bf/Thread-Confidential-High-Volume-PII-Dataset-%E2%80%93-Residential-Security-Provider-7-Terabytes
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/500fd453-9695-4eaa-b179-b92af62176f5.png
https://d34iuop8pidsy8.cloudfront.net/f79e37e2-9978-4b15-8c7f-598fe737abca.png
https://d34iuop8pidsy8.cloudfront.net/4fa30e65-e2d5-41c7-b10e-a07ae6703712.png
https://d34iuop8pidsy8.cloudfront.net/61acaa07-e504-488d-b3d6-aced25c75daf.png
https://d34iuop8pidsy8.cloudfront.net/06db83ef-e313-4cf6-8d89-20ecf442d273.png
https://d34iuop8pidsy8.cloudfront.net/a2712dff-931c-4469-9641-420f7982d4f5.png
https://d34iuop8pidsy8.cloudfront.net/676a2a13-ef68-44f7-a63f-6f1c64c13506.png
Threat Actors: iProfessor
Victim Country: USA
Victim Industry: Security & Investigations
Victim Organization: safe home security inc
Victim Site: safehomesecurityinc.com - Alleged Data Breach of Grupo VerdeAzul
Category: Data Breach
Content: The threat actor claims to have compromised Grupo VerdeAzul. The leaked information is said to include Accounting and bookkeeping system data, Company financial records and ledgers, Accounts payable and receivable data, Tax configuration files and statutory tax records, Software licensing, serial numbers, and entitlement data, System files, installers, and software packages. The actor is demanding ransom and intends to publish the data within seven days.
Date: 2026-02-07T03:51:53Z
Network: openweb
Published URL: https://breachforums.cz/index.php?threads/grupoverdeazul-com-ransom.338/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/3e890ffc-c9a1-47bf-bb17-56aa265d0a88.png
Threat Actors: vexin
Victim Country: Panama
Victim Industry: Real Estate
Victim Organization: grupo verdeazul
Victim Site: grupoverdeazul.com - Alleged Data Breach of Partai Keadilan Sejahtera (PKS)
Category: Data Breach
Content: The threat actor claims to be leaked data from Partai Keadilan Sejahtera. The compromised data reportedly includes Validation date, Full address, Date and place of birth, Gender, Email address, Phone number, Province, regency, districtNote: This organization was previously breached on October 2025
Date: 2026-02-07T03:09:43Z
Network: openweb
Published URL: https://breachforums.bf/Thread-DATABASE-DATA-BASE-KTA-PKA
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/e1b8debf-a675-49c0-9370-2c9b49ff8d62.png
Threat Actors: CinCauGhas
Victim Country: Indonesia
Victim Industry: Political Organization
Victim Organization: partai keadilan sejahtera
Victim Site: pks.id - Alleged sale of 469 credit card records
Category: Data Breach
Content: Threat actor claims to be selling 469 credit card records from USA.
Date: 2026-02-07T03:09:28Z
Network: openweb
Published URL: https://forum.exploit.in/topic/275384/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/869c262f-4ed9-4333-8a3b-72a3176b8045.png
Threat Actors: bobby_killa
Victim Country: USA
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown - Alleged Sale of ShadowRipper Crypto & Wallet Decryption Tool
Category: Malware
Content: The threat actor claims to be selling ShadowRipper, a multi-module tool allegedly used to process stealer logs and crypto data. Claimed capabilities include wallet decryption, seed phrase parsing, password extraction, log sorting, brute-force support, and automated pipelines, promoted with a modern GUI and multi-wallet support.
Date: 2026-02-07T02:58:07Z
Network: openweb
Published URL: https://forum.exploit.biz/topic/275422/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/324d0130-85c7-4ff7-836e-0e14166c8de9.png
https://d34iuop8pidsy8.cloudfront.net/12ccd322-e1a6-4430-bd25-4711c852c20a.png
https://d34iuop8pidsy8.cloudfront.net/53cc7298-056b-40f5-86e2-6758648d44d5.png
https://d34iuop8pidsy8.cloudfront.net/2cb07fc4-dedc-4efc-9d00-b3bf484c5593.png
https://d34iuop8pidsy8.cloudfront.net/f39403a4-5c54-41fe-b927-d048def4ab54.png
https://d34iuop8pidsy8.cloudfront.net/f92bed99-cd3b-44f9-b4fc-f1edf2c3ed4f.png
https://d34iuop8pidsy8.cloudfront.net/683bb4d5-df74-49e4-87bc-9c39cdda541a.png
Threat Actors: ShadowRipper
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown - Alleged Data Breach of Bourse des Vols
Category: Data Breach
Content: The threat actor claims to be leaked data from Bourse des Vols. The compromised data reportedly contain 707,864 records includes Email address, postal code, city, country, Billing name and address, phone number
Date: 2026-02-07T02:36:42Z
Network: openweb
Published URL: https://darkforums.me/Thread-FR-bourse-des-vols-com
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/c292111d-030c-49d9-95ff-63d00c6de7d1.png
Threat Actors: Kirigaya
Victim Country: France
Victim Industry: Leisure & Travel
Victim Organization: bourse des vols
Victim Site: bourse-des-vols.com - Alleged data breach of Agence Nationale des Titres Sécurisés
Category: Data Breach
Content: The threat actor claims to have leaked data from Agence Nationale des Titres Sécurisés (ANTS). The compromised data reportedly contain 13,187,563 Million User records including First Name, Name, Age, Phone number and Email ID information.
Date: 2026-02-07T02:22:23Z
Network: openweb
Published URL: https://darkforums.me/Thread-FR-ants-gouv-fr
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/52589c53-429d-4b79-84fb-5758712a4947.png
Threat Actors: Kirigaya
Victim Country: France
Victim Industry: Government & Public Sector
Victim Organization: agence nationale des titres sécurisés
Victim Site: ants.gouv.fr - AN0M949_GHOST_TRACK targets the website of PT. Legenda Inti Makmur
Category: Defacement
Content: The group claims to have defaced the website of PT. Legenda Inti Makmur.
Date: 2026-02-07T02:16:00Z
Network: telegram
Published URL: https://t.me/CyaberGhost/605
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/7c1e873a-0231-4df6-9fcb-09b782af514b.png
Threat Actors: AN0M949_GHOST_TRACK
Victim Country: Indonesia
Victim Industry: Other Industry
Victim Organization: pt. legenda inti makmur
Victim Site: legendaintimakmur.com - Alleged Data Breach of Harvard University
Category: Data Breach
Content: The threat actor claims to have leaked data from Harvard University, allegedly associated with the ShinyHunters group. The compromised data reportedly contains approximately 5.06 GB of student records, including Names, Email addresses, Home addresses, Phone number information.
Date: 2026-02-07T01:56:19Z
Network: openweb
Published URL: https://breachforums.bf/Thread-DATABASE-Harvard-University-Database-Leaked-Download
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/fa0a6403-08da-4556-be4c-d90aa4a11a4b.png
Threat Actors: cysc
Victim Country: USA
Victim Industry: Education
Victim Organization: harvard university
Victim Site: harvard.edu - Alleged Data Breach of ManoMano
Category: Data Breach
Content: The threat actor claims to be leaked data from ManoMano. The compromised data reportedly contain 37.8 million user records and 0.9 million Support ticket records
Date: 2026-02-07T01:30:26Z
Network: openweb
Published URL: https://breachforums.bf/Thread-SELLING-Manomano-breach-37-8M
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/4e592625-a711-4209-81cc-d7d59d92c007.png
Threat Actors: Indra
Victim Country: France
Victim Industry: E-commerce & Online Stores
Victim Organization: manomano
Victim Site: manomano.fr - AN0M949_GHOST_TRACK targets the website of GeNews15.com
Category: Defacement
Content: The group claims to have defaced the website of GeNews15.com.
Date: 2026-02-07T01:11:21Z
Network: telegram
Published URL: https://t.me/an0m949_ghost/907
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/03fb16fe-e082-48bf-b034-39236d07d241.png
Threat Actors: AN0M949_GHOST_TRACK
Victim Country: Indonesia
Victim Industry: Newspapers & Journalism
Victim Organization: genews15.com
Victim Site: genews15.com - Alleged Data Breach of WAS Madeiras
Category: Data Breach
Content: The threat actor claims to have compromised WAS Madeiras. The leaked information is said to include Production control records and daily production logs, Manufacturing scheduling data, WhatsApp Business communications, Project, engineering, and production planning documentation, IT and internal systems documentation. The actor is demanding ransom and intends to publish the data within seven days.
Date: 2026-02-07T00:46:58Z
Network: openweb
Published URL: https://breachforums.cz/index.php?threads/was-madeiras-ransom.335/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/5f23d00d-32b2-4bf2-a655-2a4da9769840.png
Threat Actors: duxy
Victim Country: Brazil
Victim Industry: Manufacturing
Victim Organization: was madeiras
Victim Site: wasmadeiras.com.br - Alleged Data Breach of France Travail
Category: Data Breach
Content: The threat actor claims to be leaked data from France Travail. The compromised data reportedly includes national identification numbers, first and last names, salary identifiers, employment agency details, regional information, compensation values, and timestamped employment records.
Date: 2026-02-07T00:20:19Z
Network: openweb
Published URL: https://darkforums.me/Thread-FR-France-Travail
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/de45d979-e48c-47fd-a63c-7e18d9a3296a.png
Threat Actors: Kirigaya
Victim Country: France
Victim Industry: Government & Public Sector
Victim Organization: france travail
Victim Site: francetravail.fr - Alleged Data breach of Mutualista Imbabura
Category: Data Breach
Content: The threat actor claims to have compromised Mutualista Imbabura, reportedly gaining control of four domain controllers and exfiltrating extensive sensitive data. The leaked information is said to include customer financial records, loan portfolios, employee PII, national ID documents, core banking system data, credit card processing information, internal communications, backups, network configurations, and other operational documentation. The actor is demanding ransom and intends to publish the data within seven days.
Date: 2026-02-07T00:03:04Z
Network: openweb
Published URL: https://breachforums.cz/index.php?threads/mutualista-imbabura-ransom.333/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/8e0ffc1d-1711-4efe-b251-ac200159257d.png
https://d34iuop8pidsy8.cloudfront.net/1ec40d1b-b2a5-4b89-a3c7-2c06cea30fa4.png
Threat Actors: duxy
Victim Country: Ecuador
Victim Industry: Financial Services
Victim Organization: mutualista imbabura
Victim Site: mutualistaimbabura.com