[March-13-2026] Daily Cybersecurity Threat Report

Posted on

Executive Summary

This report aggregates and analyzes a high volume of cybersecurity incidents recorded primarily on March 13, 2026. The incidents encompass a wide spectrum of malicious activities, including high-level alerts, initial access brokering, massive data breaches, state-level infrastructure targeting, and widespread website defacements. Threat actors utilized various platforms to publish their claims, predominantly relying on open web forums (such as BreachForums and Exploit.biz) and Telegram channels to distribute stolen data and announce compromises.

Section 1: Critical Infrastructure and National Security Alerts

A concerning trend in the provided data is the targeting of national defense, government infrastructure, and key public utilities across multiple nations.

  • Israeli Defense Infrastructure: The threat actor “We are MONARCH” claimed unauthorized access to systems associated with Israel’s air defense infrastructure. This reportedly includes the Iron Dome missile defense system, Rafael Advanced Defense Systems, and the Israeli Southern Command. The group claimed to be able to manipulate radar sensitivity and missile interception functions. The incident was reported on Telegram on March 13, 2026. Later the same day, the same group claimed unauthorized access specifically to Rafael’s Next-Generation Battle Management and Control (BMC) and communication systems. Furthermore, “We are MONARCH” issued an alert targeting both the USA and Israel, referencing the CIA, Mossad, Rafael Advanced Defense Systems, and unspecified systems within Israel’s nuclear sector.
  • Energy Sector (UAE): The threat actor “Nasir Security” alleged a massive breach of Dubai Petroleum. They claim to have acquired 413 GB of sensitive data, including classified information regarding oil-sector infrastructure and strategic pipeline network details. The published URL is located on the open web.
  • Government & Public Sector (Indonesia): “ZamXploit” claimed to have leaked a database from Pengadilan Agama Purwakarta. The leaked data reportedly contains case management records related to divorce proceedings, including case numbers, names, divorce types, dates, and administrative documents.
  • Government Administration (Syria): The group “Keymous Plus” claimed to have leaked data belonging to Syria’s Ministry of Transport.
  • Government Administration (Yemen): “Anonymous2090” claimed a data breach from the Sanaa Water and Sanitation Local Corporation, which allegedly occurred in 2025.
  • Government Administration (Kenya): The group “Z-Root” claimed to be selling Kenya government admin dashboard credentials via Telegram.
  • Government Administration (South Africa): The actor “XP95” claimed to be selling 3.8 TB of data from the Gauteng Provincial Government. This data allegedly relates to government departments, public programs, healthcare, education, housing, and economic development.
  • Research & Intelligence (USA): The threat actor “jrintel” claimed to be leaking a PDF document on an open web forum allegedly related to classified NASA research projects. The document reportedly contains specific research details and personal contact information.
  • Industrial Infrastructure (Turkey): “Armenian code” claimed unauthorized access to a pumping station control system in Turkey. They alleged that modifications to the control panel disrupted normal operations and impacted water management processes.

Section 2: Large-Scale Corporate Data Breaches

Several major corporations and educational institutions suffered significant alleged data breaches, exposing millions of user records and sensitive internal data.

  • Loblaw Companies Limited (Canada): Threat actor “igotafeeling” claimed to be selling a database from Loblaw Companies Limited. The compromised data allegedly contains large volumes of sensitive information across internal platforms, including customer info, pharmacy records, e-commerce data, and source code. The actor claims the breach includes tens to hundreds of millions of records, including Shoppers Drug Mart prescription data, loyalty information, payment cards, and user identity data.
  • TELUS Digital (Canada): TELUS Digital reportedly suffered a breach by “ShinyHunters”. The group claims to have stolen nearly 1 petabyte of data during a multi-month intrusion. The attackers allegedly used Google Cloud Platform credentials exposed in a previous Salesloft Drift breach to access internal systems and extract customer support and telecommunications datasets.
  • Starbucks (USA): Starbucks disclosed a breach affecting hundreds of employees after attackers accessed 889 Starbucks Partner Central accounts. Attackers obtained login credentials via impersonation websites between January 19 and February 11, potentially exposing employee names, Social Security numbers, dates of birth, and financial details. Starbucks notified law enforcement and offered credit monitoring.
  • Hebrew University of Jerusalem (Israel): “Handala Hack” claimed a large-scale intrusion into the university. They assert that all university servers were compromised, resulting in the wiping and permanent destruction of over 48 TB of educational, research, and administrative data. Furthermore, they claim to have exfiltrated over 23 TB of sensitive material, including personal student and faculty information.
  • BAYDÖNER (Turkey): “TurkGuvenlik” claimed a breach of 3.7 million records from the restaurant chain BAYDÖNER. This allegedly includes 2 million user records, 1.5 million CRM records, and 200,000 order records.
  • Phonebot (Australia): Threat actor “2019” claimed to be selling a database belonging to Phonebot. The dataset reportedly holds over 200,000 customer records, including hashed MD5 passwords, names, emails, and reward points.

Section 3: Defacement Campaigns and Hacktivism

A highly coordinated series of website defacements took place, primarily orchestrated by a single threat actor focusing on Botswana.

  • Botswana Defacement Campaign: The threat actor “Hax.or” targeted numerous websites in Botswana, posting their claims to a Telegram channel. Targeted sites included glamorous.co.bw , galacticmist.co.bw , globalmatrix.co.bw , freshaqua.co.bw , frogirls.co.bw , Forerunner Edge (forerunneredge.co.bw) , forticrete.co.bw , and multiple instances of geshomprojects.co.bw.
  • Other “Hax.or” Activity: The same actor defaced frontlinemedikip.com , opsi.ponyhost.xyzv , and the Labeaute Clinic website in Kuwait. Another group, “F9.HaCkEr”, also claimed to have defaced the Labeaute Clinic website.
  • Kuwait Campaign: The “313 Team” claimed defacements of hopokw.com and grillokw.com, noting that the authenticity of these claims was yet to be verified.
  • Indonesia and India Campaigns: “Z-BL4CX-H4T.ID” targeted the RC DRIVE GROUP in Indonesia. The “Cyber Islamic resistance” claimed to have defaced [suspicious link removed] and Diamond Finance Pvt. Ltd. in India.

Section 4: Initial Access Brokering and Financial Data Sales

The underground economy for selling unauthorized access and compromised financial data was highly active on open web forums.

  • Initial Access – Corporate & Manufacturing: “Stari4ok” claimed to sell admin panel access to a US-based Magento 2 shop with recent transaction history. “samy01” claimed to sell RDWeb access to a manufacturing company in Finland with two domain controllers and 156 domain computers. “personX” claimed to sell VPN access to a manufacturing company in Slovakia.
  • Initial Access – Finance & Venture Capital: “redbull302” claimed to sell corporate email access to Fenbushi Capital in China, allowing the buyer to configure auto-responders. “happywalad” claimed to sell network access to a French asset management company affiliated with Crédit Mutuel Alliance Fédérale, including Citrix sessions and Azure accounts.
  • Financial Data – Credit Cards & Banking: “ChumGang” claimed to sell valid card dumps with PINs targeting multiple countries, primarily the USA. “s4sori” claimed to sell 3,827 US credit card records extracted using a sniffer. “urbsnv” claimed to sell 150 card records from Ireland. Furthermore, “injectioninferno” and “injectioninferno2” claimed to sell Spanish financial lead data associated with IBAN numbers.
  • Identity Data: “Payload” claimed to sell Canadian “fullz” containing personal, financial, and banking information, along with supporting documents like driver’s licenses and passports.

Section 5: Exhaustive Log of Remaining Incidents

The provided dataset contains numerous other significant breaches and alerts across various industries.

  • Alerts & Targeting Declarations: * The “313 Team” issued an alert claiming to target all companies affiliated with US President Trump.
    • “Order403” claimed to target Cuba.
    • “SOLO APT by Kafir” claimed to target Tamasha in Pakistan.
  • Healthcare & Medical: * “DumpSec” claimed to sell an 890,000-record database from GPS Santé, a French healthcare network.
    • “HexDex” claimed to sell data from Therapeutes.com in France, affecting 71,502 patients and containing over 199,000 therapy appointments.
    • The “chinafans” group claimed to have defaced the website of Al Hammadi Holding in Saudi Arabia.
  • Education Sector: * Hanover County Public Schools (HCPS) in the USA reported a cyberattack disrupting internet services and internal systems.
    • “kyyzo” claimed to leak 7,680+ records from the PTK Probolinggo Regency Education Staff in Indonesia.
    • “Blue Shadow” claimed to breach Knowledge Management Scitech VRU in Thailand.
    • “CryptoDead” claimed a massive 100GB leak of over 30 million personal and educational records from ICFES in Colombia.
    • “PhantomSY” claimed to leak data from an Iranian Educational Institution.
  • Technology & Media Data Breaches: * “Sythe” claimed to leak the database of TLDR.Tech, exposing over 1.2 million unique users, including email addresses, location details, and employment history.
    • “Sythe” also claimed to sell private crypto, AI, and finance databases.
  • Gambling Industry (China): The threat actor “Whale Market” conducted a massive campaign targeting Chinese gambling platforms. They claimed to sell a dataset of 6.55 million records from various platforms , 72 million records from qnqb.com , detailed betting and login histories from an unidentified platform , and over 400,000 records from another platform.
  • Retail, E-commerce, & Hospitality: * “Z3ktr0n” claimed a data breach of Cookiran in Iran, an organization previously breached in May 2024.
    • “rythem” claimed to sell a database of approximately 234,000 hotel reservation records in Saudi Arabia, including bookings for prominent figures like Mohammed bin Salman.
    • “admmonero” claimed a breach of Racing Power Boat RC in France.
    • “cachecat” claimed to sell 167K records from Rok Hardware in the USA.
    • “INDOHAXSEC” claimed a data breach of the Israeli online shopping site P1000, exposing customer IDs, phones, and passwords.
    • “Shadow Warrior” claimed a data breach of Amazing Lock and Key in the USA.
    • “Anonymous2090” claimed to breach data from the Njik App in Saudi Arabia.
  • Telecommunications & IT Access: * “The Red Eagle” claimed unauthorized access to Grameen Telecom (GTC) infrastructure in Bangladesh.
    • “IT ARMY of Ukraine” claimed a cyberattack on the ONET Group.
    • “SOLO APT by Kafir” claimed to breach the Nayatel database in Pakistan.
    • “DEFACER INDONESIAN TEAM” claimed to leak login credentials to Fernando Alarcon Lisci in Spain , and to INOU LATAM and Inou in Panama.
  • Miscellaneous Data Breaches & Access: * “RuskiNet” claimed to leak data on past and present Israeli police workers.
    • “MORNING STAR” claimed unauthorized access to an unidentified CCTV System in Israel.
    • “Handala Hack” claimed to compromise the email account of former Israeli Military Intelligence Chief Tamir Hayman, accessing roughly 50,000 emails.
    • “Whale Hunters Groups” claimed a breach of Rooftop Studios in the UK.
    • “Spirigatito” claimed to sell a social media marketplace database with over 2 million records.
    • “Jaxx” claimed to sell a verified premium account on the T1eron3 malware forum.
    • “NoName057(16)” claimed access to a Ukrainian trader’s MetaTrader 5 account.
    • “XZeeoneOfc” claimed to leak KYC data of Indian citizens.
    • “GoogleAdmin” claimed to sell admin access to Sanatoriums and Resorts of Ukraine.
    • “kyzo” claimed to leak 40 employee records from Pegawai DISKOMINFO.
    • “MRLUCK” claimed to leak data from Tungkaran Prince Village in Indonesia.
    • “MagoSpeak” claimed to leak human resources data from Aguascalientes, Mexico.
    • “SOLO APT by Kafir” claimed to breach 6.5 GB of data from the Punjab Sahulat Bazaars Authority.
    • “PeachesNCream” claimed to leak a database of 10,000 email:password combinations suitable for brute-forcing.
    • “iProfessor” claimed to sell a dataset of over 22k records associated with Indian investors.
    • “BABAYO EROR SYSTEM” defaced nicholasmartin.omcdemosites.com and vailinsurance.omcdemosites.com.

Conclusion

The draft data indicates a severe and highly active cyber threat landscape as of mid-March 2026. The incidents show a clear bifurcation in attacker motivations. On one side, financially motivated actors (such as Initial Access Brokers and data sellers) are successfully compromising corporate entities, healthcare providers, and e-commerce platforms to harvest sellable data. On the other side, hacktivists and potentially state-sponsored actors are actively targeting critical infrastructure, defense systems, and government administration portals across global geopolitical fault lines, specifically focusing on the Middle East, North America, and Eastern Europe. The sheer volume of compromised records—ranging from gigabytes of pipeline data to petabytes of telecommunications data—highlights the critical need for robust defense-in-depth strategies.

Detected Incidents Draft Data

  1. 313 Team claims to target companies affiliated with US President.
    Category: Alert
    Content: A recent post by the group indicates that they are targeting all companies affiliated with US President Trump.
    Date: 2026-03-13T23:46:16Z
    Network: telegram
    Published URL: https://t.me/xX313XxTeam/735
    Screenshots:
    None
    Threat Actors: 313 Team
    Victim Country: USA
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  2. Alleged unauthorized access to Israel’s air defense infrastructure
    Category: Initial Access
    Content: The group claims to have gained unauthorized access to systems associated with Israel’s air defense infrastructure, including the Iron Dome missile defense system, reportedly targeted infrastructure linked to Rafael Advanced Defense Systems and the Israeli Southern Command, with claims of manipulating radar sensitivity and missile interception functions.
    Date: 2026-03-13T23:34:15Z
    Network: telegram
    Published URL: https://t.me/c/2869875394/366
    Screenshots:
    None
    Threat Actors: We are MONARCH
    Victim Country: Israel
    Victim Industry: Aviation & Aerospace
    Victim Organization: Unknown
    Victim Site: Unknown
  3. Alleged Data breach of Cookiran
    Category: Data Breach
    Content: The threat actor claims to be leaked data from Cookiran. The compromised data reportedly includes Full names, Cellphone numbers, Mails, IP addresses Logs, User comments Logs and setting files systemNote: This Organization was previously breached on May 14, 2024
    Date: 2026-03-13T23:16:44Z
    Network: openweb
    Published URL: https://breachforums.as/Thread-DATABASE-Cookiran-ir-Database
    Screenshots:
    None
    Threat Actors: Z3ktr0n
    Victim Country: Iran
    Victim Industry: Restaurants
    Victim Organization: cookiran
    Victim Site: cookiran.ir
  4. Alleged Sale of Valid Card Dumps from Multiple Countries
    Category: Data Breach
    Content: Threat actor claims to be selling card dumps with PINs targeting multiple countries, including the United States, the United Arab Emirates, and Mexico, along with other countries. The dataset includes Track 2 card dump data with PINs and mentions that the majority of the cards are associated with the United States.
    Date: 2026-03-13T23:13:06Z
    Network: openweb
    Published URL: https://forum.exploit.biz/topic/278270/
    Screenshots:
    None
    Threat Actors: ChumGang
    Victim Country: USA
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  5. Alleged data breach of Dubai Petroleum
    Category: Data Breach
    Content: The threat actor claims to have breached 413 GB of sensitive data from Dubai Petroleum, including classified information on oil-sector infrastructure and strategic pipeline network details.
    Date: 2026-03-13T22:51:32Z
    Network: openweb
    Published URL: http://nasir.cc/pages/dubai-petrol.html
    Screenshots:
    None
    Threat Actors: Nasir Security
    Victim Country: UAE
    Victim Industry: Oil & Gas
    Victim Organization: dubai petroleum
    Victim Site: dubaipetroleum.ae
  6. chinafans targets the website of Al Hammadi Holding
    Category: Defacement
    Content: The group claims to have defaced the website of Al Hammadi Holding.
    Date: 2026-03-13T22:18:15Z
    Network: openweb
    Published URL: https://www.zone-h.org/mirror/id/41605538
    Screenshots:
    None
    Threat Actors: chinafans
    Victim Country: Saudi Arabia
    Victim Industry: Hospital & Health Care
    Victim Organization: al hammadi holding
    Victim Site: alhammadi.com
  7. Alleged Sale of Hotel Reservation Records Database in Saudi Arabia
    Category: Initial Access
    Content: Threat Actor claims to be selling a database allegedly containing information of more than 400 hotels in Saudi Arabia. The dataset includes approximately 234,000 hotel reservation records and is provided in CSV format with detailed reservation reports and booking information. The database includes booking information associated with various individuals, including well-known figures such as Mohammed bin Salman, Abdullah bin Abdulaziz, Reem Abdullah, Layla Abdullah, Mohammed Al-Amoudi, Abdullah Al-Rajhi, and Mohammed Al-Issa, along with other celebrities, billionaire sheikhs, and millionaires.
    Date: 2026-03-13T22:06:21Z
    Network: openweb
    Published URL: https://forum.exploit.biz/topic/278269/
    Screenshots:
    None
    Threat Actors: rythem
    Victim Country: Saudi Arabia
    Victim Industry: Restaurants
    Victim Organization: Unknown
    Victim Site: Unknown
  8. Alleged Sale of Unauthorized Admin Access to an Unidentified Magento 2 Shop in USA
    Category: Initial Access
    Content: The threat actor claims to be selling admin panel access associated with a Magento 2 CMS-based shop in the United States, stating that the site recorded 201 transactions in January, 154 in February, and 90 in March.
    Date: 2026-03-13T22:00:29Z
    Network: openweb
    Published URL: https://forum.exploit.biz/topic/278273/
    Screenshots:
    None
    Threat Actors: Stari4ok
    Victim Country: USA
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  9. F9.HaCkEr targets the website of Labeaute Clinic
    Category: Defacement
    Content: The group claims to have defaced the webiste of
    Date: 2026-03-13T21:57:36Z
    Network: openweb
    Published URL: https://www.zone-h.org/mirror/id/41605701
    Screenshots:
    None
    Threat Actors: F9.HaCkEr
    Victim Country: Kuwait
    Victim Industry: Hospital & Health Care
    Victim Organization: labeaute clinic
    Victim Site: labeaute.com.kw/about-us.php
  10. Alleged data breach of Pengadilan Agama Purwakarta
    Category: Data Breach
    Content: The threat actor claims to have obtained and leaked a database from Pengadilan Agama Purwakarta. The leaked data reportedly includes case management records related to divorce proceedings, containing information such as case numbers, plaintiff and defendant names, divorce types, certificate numbers, divorce dates, case status, and related administrative documents.
    Date: 2026-03-13T21:44:44Z
    Network: openweb
    Published URL: https://darkforums.su/Thread-DATABASE-sipesat-pa-purwakarta-go-id-Leaked–68877
    Screenshots:
    None
    Threat Actors: ZamXploit
    Victim Country: Indonesia
    Victim Industry: Government & Public Sector
    Victim Organization: pengadilan agama purwakarta
    Victim Site: sipesat.pa-purwakarta.go.id
  11. Alleged data leak of Indian Investors Data
    Category: Data Breach
    Content: The threat actor claims to have leaked and is selling a dataset associated with Indian investors. The exposed data reportedly includes PDF financial statements, investment portfolio summaries, and full contact details such as email addresses and phone numbers. The dataset allegedly contains more than 22k records.
    Date: 2026-03-13T20:26:13Z
    Network: openweb
    Published URL: https://breachforums.as/Thread-Indian-Investors-Data-Daily-Fresh-New-Added
    Screenshots:
    None
    Threat Actors: iProfessor
    Victim Country: India
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  12. Alleged Sale of 3,827 Credit Card Records in USA
    Category: Data Breach
    Content: Tthreat Actor claims to be selling 3,827 credit card records in USA, allegedly extracted using a sniffer. The dataset includes card details such as card number, expiration date, cardholder name, card type, issuing bank, and country.
    Date: 2026-03-13T20:10:32Z
    Network: openweb
    Published URL: https://forum.exploit.biz/topic/278262/
    Screenshots:
    None
    Threat Actors: s4sori
    Victim Country: USA
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  13. Alleged data breach of Phonebot
    Category: Data Breach
    Content: A threat actor claims to be selling a database allegedly belonging to Phonebot. The dataset reportedly contains 200,000+ customer records and includes information such as customer IDs, names, email addresses, phone numbers, hashed passwords (MD5), IP addresses, account status, reward points, and other account-related details.
    Date: 2026-03-13T18:47:53Z
    Network: openweb
    Published URL: https://breachforums.as/Thread-SELLING-Phonebot-Australia-MD5-200K-Customers
    Screenshots:
    None
    Threat Actors: 2019
    Victim Country: Australia
    Victim Industry: E-commerce & Online Stores
    Victim Organization: phonebot
    Victim Site: phonebot.com.au
  14. Alleged data breach of GPS Santé
    Category: Data Breach
    Content: A threat actor claims to be selling a database allegedly belonging to GPS Santé, a French healthcare professional network that connects patients with doctors and medical services. The dataset reportedly contains approximately 890,000 records in JSONL format.the compromised data includes ID, first name, last name, date of birth, and phone numbers
    Date: 2026-03-13T18:41:48Z
    Network: openweb
    Published URL: https://breachforums.as/Thread-SELLING-FR-GPS-SANTE
    Screenshots:
    None
    Threat Actors: DumpSec
    Victim Country: France
    Victim Industry: Healthcare & Pharmaceuticals
    Victim Organization: gps santé
    Victim Site: gpssante.fr
  15. Alleged Data Breach of Rooftop Studios
    Category: Data Breach
    Content: The group claims to have accessed database including costumer information, billing information of Rooftop Studios.
    Date: 2026-03-13T18:38:54Z
    Network: telegram
    Published URL: https://t.me/c/3772103374/3271
    Screenshots:
    None
    Threat Actors: Whale Hunters Groups
    Victim Country: UK
    Victim Industry: Performing Arts
    Victim Organization: rooftop studios
    Victim Site: rooftopstudios.co.uk
  16. Alleged data breach of TLDR
    Category: Data Breach
    Content: The threat actor claims that the database of TLDR.Tech, a popular technology newsletter platform, has been leaked. The dataset allegedly contains information on over 1.2 million unique users. the compromised data includes email addresses, personal identifiers, location details, LinkedIn profiles, company information, employment history, phone numbers, and other profile-related metadata.
    Date: 2026-03-13T18:27:37Z
    Network: openweb
    Published URL: https://breachforums.as/Thread-DATABASE-TLDR-Tech-Database-Leaked-Download
    Screenshots:
    None
    Threat Actors: Sythe
    Victim Country: USA
    Victim Industry: Online Publishing
    Victim Organization: tldr
    Victim Site: tldr.tech
  17. Alleged Data Leak of Israeli police
    Category: Data Breach
    Content: The group claims to have leaked data on people who have worked, or still work, at the Israeli police.
    Date: 2026-03-13T18:16:07Z
    Network: telegram
    Published URL: https://t.me/ruskinetgroup/82
    Screenshots:
    None
    Threat Actors: RuskiNet
    Victim Country: Israel
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  18. Alleged data leak of Syrias Ministry of Transport
    Category: Data Breach
    Content: The group claims to have leaked data belonging to Syrias Ministry of Transport.
    Date: 2026-03-13T18:02:34Z
    Network: telegram
    Published URL: https://t.me/KeymousTG/894
    Screenshots:
    None
    Threat Actors: Keymous Plus
    Victim Country: Syria
    Victim Industry: Government Administration
    Victim Organization: ministry of transport
    Victim Site: mot.gov.sy
  19. Alleged Unauthorized Access to Unidentified CCTV System in Israel
    Category: Initial Access
    Content: The group claims to have gained unauthorized access to unidentified CCTV System in Israel.
    Date: 2026-03-13T17:55:30Z
    Network: telegram
    Published URL: https://t.me/op_morningstar/529?single
    Screenshots:
    None
    Threat Actors: MORNING STAR
    Victim Country: Israel
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  20. Alleged Data Breach of Racing Power Boat RC
    Category: Data Breach
    Content: Threat Actor claims to have breached the database of Racing Power Boat RC. The exposed dataset reportedly includes random records such as email addresses, IP addresses, and surnames.
    Date: 2026-03-13T17:54:49Z
    Network: openweb
    Published URL: https://breachforums.as/Thread-DATABASE-FR-racing-power-boat-rc
    Screenshots:
    None
    Threat Actors: admmonero
    Victim Country: France
    Victim Industry: E-commerce & Online Stores
    Victim Organization: racing power boat rc
    Victim Site: racing-power-boat-rc.com
  21. Alleged Leak of Sensitive Emails Related to Former Israeli Military Intelligence Chief Tamir Hayman
    Category: Data Breach
    Content: The group claims to have compromised the email account of Tamir Hayman, alleging access to approximately 50,000 emails containing correspondence and documents related to security and strategic discussions. Hayman previously served as head of AMAN and currently leads the Institute for National Security Studies in Israel.
    Date: 2026-03-13T17:12:01Z
    Network: openweb
    Published URL: https://handala-hack.to/tamir-hayman-hacked/
    Screenshots:
    None
    Threat Actors: Handala Hack
    Victim Country: Israel
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  22. Alleged Sale of Unauthorized Corporate Email Access to Fenbushi Capital in china
    Category: Initial Access
    Content: The threat actor claims to be selling access to two corporate email accounts associated with fenbushi.vc, linked to the China-based crypto venture capital firm Fenbushi Capital, stating that while sending emails is disabled, the accounts can be configured to auto-respond and reply to incoming emails with prepared messages.
    Date: 2026-03-13T17:08:14Z
    Network: openweb
    Published URL: https://forum.exploit.biz/topic/278249/
    Screenshots:
    None
    Threat Actors: redbull302
    Victim Country: China
    Victim Industry: Venture Capital
    Victim Organization: fenbushi capital
    Victim Site: fenbushi.vc
  23. Alleged Sale of Social Media Marketplace Database
    Category: Data Breach
    Content: A threat actor claims to be selling a database of a social media marketplace allegedly containing over 2 million user records. The dataset reportedly includes usernames, email addresses, hashed passwords, and registration information.
    Date: 2026-03-13T16:39:50Z
    Network: openweb
    Published URL: https://breachforums.as/Thread-SELLING-Social-Media-Marketplace-2M-Private-DB
    Screenshots:
    None
    Threat Actors: Spirigatito
    Victim Country: Unknown
    Victim Industry: Social Media & Online Social Networking
    Victim Organization: Unknown
    Victim Site: Unknown
  24. Alleged Sale of Unauthorized access to T1eron3 Forum Account
    Category: Initial Access
    Content: Threat actor claims to be selling unauthorized access to a verified premium account on the T1eron3 malware forum. The group alleges successful unauthorized access to the account as fully verified with full access privileges and offers the account for sale through cryptocurrency payments including BTC, LTC, and SOL.
    Date: 2026-03-13T15:58:12Z
    Network: openweb
    Published URL: https://breachforums.as/Thread-SELLING-T1eron3-Forum-Account-PAID-ACCOUNT
    Screenshots:
    None
    Threat Actors: Jaxx
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  25. Alleged data leak of PTK Probolinggo Regency Education Staff Database
    Category: Data Breach
    Content: A threat actor claims to have leaked a database associated with the PTK (Pendidik dan Tenaga Kependidikan) of Probolinggo Regency, Indonesia. The dataset allegedly contains 7,680+ records including sensitive personal information such as names, national identification numbers (NIK), phone numbers, residential addresses, and workplace details.
    Date: 2026-03-13T15:53:20Z
    Network: openweb
    Published URL: https://breachforums.as/Thread-DUMP-Database-PTK-Kab-Probolinggo
    Screenshots:
    None
    Threat Actors: kyyzo
    Victim Country: Indonesia
    Victim Industry: Education
    Victim Organization: Unknown
    Victim Site: Unknown
  26. Alleged unauthorized access to Grameen Telecom (GTC)
    Category: Initial Access
    Content: The group claims to have conducted a coordinated cyberattack targeting systems associated with Grameen Telecom in Bangladesh. The group alleges successful unauthorized access to the organization’s telecommunication infrastructure and indicates that monitoring activities are ongoing.
    Date: 2026-03-13T15:38:20Z
    Network: telegram
    Published URL: https://t.me/c/2156569801/2994
    Screenshots:
    None
    Threat Actors: The Red Eagle
    Victim Country: Bangladesh
    Victim Industry: Network & Telecommunications
    Victim Organization: grameen telecom (gtc)
    Victim Site: grameentelecom.net.bd
  27. Alleged access to an unidentified Ukrainian trader’s MetaTrader 5 account
    Category: Initial Access
    Content: The group claims to have gained unauthorized access to an unidentified Ukrainian trader’s MetaTrader 5 account.
    Date: 2026-03-13T15:30:05Z
    Network: telegram
    Published URL: https://t.me/c/2787466017/2876
    Screenshots:
    None
    Threat Actors: NoName057(16)
    Victim Country: Ukraine
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  28. Alleged Sale of Unauthorized RDWeb Access to Unidentified Manufacturing Company in Finland
    Category: Initial Access
    Content: The threat actor claims to be selling RDWeb access associated with an unidentified organization in Finland, stating that the environment includes two domain controllers and 156 domain computers, uses White Secure Elements Agent antivirus, and is linked to the manufacturing industry with reported revenue of approximately 5k.
    Date: 2026-03-13T15:21:02Z
    Network: openweb
    Published URL: https://forum.exploit.biz/topic/278243/
    Screenshots:
    None
    Threat Actors: samy01
    Victim Country: Finland
    Victim Industry: Manufacturing
    Victim Organization: Unknown
    Victim Site: Unknown
  29. Cyberattack hits Hanover County Public Schools (HCPS)
    Category: Cyber Attack
    Content: Hanover County Public Schools (HCPS) in the United States has reported an interruption to internet services and several internal systems following a suspected cybersecurity incident. As a precautionary measure, the district has temporarily disabled student Chromebooks and limited the use of certain technology systems while cybersecurity specialists and authorities investigate the situation and assess recovery measures
    Date: 2026-03-13T14:53:24Z
    Network: openweb
    Published URL: https://www.hcps.us/events/what_s_new/technology_update__march_2026
    Screenshots:
    None
    Threat Actors: Unknown
    Victim Country: USA
    Victim Industry: Education
    Victim Organization: hanover county public schools (hcps)
    Victim Site: hcps.us
  30. Hax.or targets the website of glamorous.co.bw
    Category: Defacement
    Content: The group claims to have defaced the website of glamorous.co.bw
    Date: 2026-03-13T14:05:50Z
    Network: telegram
    Published URL: https://t.me/ctifeeds/129149
    Screenshots:
    None
    Threat Actors: Hax.or
    Victim Country: Botswana
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: glamorous.co.bw
  31. Hax.or targets the website of frontlinemedikip.com
    Category: Defacement
    Content: The group claims to have defaced the website of frontlinemedikip.com
    Date: 2026-03-13T13:46:55Z
    Network: telegram
    Published URL: https://t.me/ctifeeds/129153
    Screenshots:
    None
    Threat Actors: Hax.or
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: frontlinemedikip.com
  32. Hax.or targets the website of galacticmist.co.bw
    Category: Defacement
    Content: The group claims to have defaced the website of galacticmist.co.bw
    Date: 2026-03-13T13:43:03Z
    Network: telegram
    Published URL: https://t.me/ctifeeds/129152
    Screenshots:
    None
    Threat Actors: Hax.or
    Victim Country: Botswana
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: galacticmist.co.bw
  33. Z-BL4CX-H4T.ID targets the website of RC DRIVE GROUP
    Category: Defacement
    Content: The group claims to have defaced the website of RC DRIVE GROUP
    Date: 2026-03-13T13:29:09Z
    Network: telegram
    Published URL: https://t.me/z_bl4cx_h4t_id/82
    Screenshots:
    None
    Threat Actors: Z-BL4CX-H4T.ID
    Victim Country: Indonesia
    Victim Industry: Transportation & Logistics
    Victim Organization: rc drive group
    Victim Site: rcdrive.id
  34. Hax.or targets the website of globalmatrix.co.bw
    Category: Defacement
    Content: The group claims to have defaced the website of globalmatrix.co.bw.
    Date: 2026-03-13T13:28:32Z
    Network: telegram
    Published URL: https://t.me/ctifeeds/129148
    Screenshots:
    None
    Threat Actors: Hax.or
    Victim Country: Botswana
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: globalmatrix.co.bw
  35. Hax.or targets the website of freshaqua.co.bw
    Category: Defacement
    Content: The group claims to have defaced the website of freshaqua.co.bw
    Date: 2026-03-13T13:12:22Z
    Network: telegram
    Published URL: https://t.me/ctifeeds/129155
    Screenshots:
    None
    Threat Actors: Hax.or
    Victim Country: Botswana
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: freshaqua.co.bw
  36. Hax.or targets the website of frogirls.co.bw
    Category: Defacement
    Content: The group claims to have defaced the website of frogirls.co.bw
    Date: 2026-03-13T13:12:01Z
    Network: telegram
    Published URL: https://t.me/ctifeeds/129154
    Screenshots:
    None
    Threat Actors: Hax.or
    Victim Country: Botswana
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: frogirls.co.bw
  37. Hax.or targets the website of Forerunner Edge
    Category: Defacement
    Content: The group claims to have defaced the website of Forerunner Edge.
    Date: 2026-03-13T13:03:17Z
    Network: telegram
    Published URL: https://t.me/ctifeeds/129157
    Screenshots:
    None
    Threat Actors: Hax.or
    Victim Country: Botswana
    Victim Industry: Media Production
    Victim Organization: forerunner edge
    Victim Site: forerunneredge.co.bw
  38. Hax.or targets the website of forticrete.co.bw
    Category: Defacement
    Content: The group claims to have defaced the website of forticrete.co.bw
    Date: 2026-03-13T12:59:43Z
    Network: telegram
    Published URL: https://t.me/ctifeeds/129156
    Screenshots:
    None
    Threat Actors: Hax.or
    Victim Country: Botswana
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: forticrete.co.bw
  39. Hax.or targets the website of geshomprojects.co.bw
    Category: Defacement
    Content: The group claims to have defaced the website of geshomprojects.co.bw.
    Date: 2026-03-13T12:59:10Z
    Network: telegram
    Published URL: https://t.me/ctifeeds/129151
    Screenshots:
    None
    Threat Actors: Hax.or
    Victim Country: Botswana
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: geshomprojects.co.bw
  40. Hax.or targets the website of geshomprojects.co.bw
    Category: Defacement
    Content: The group claims to have defaced the website of geshomprojects.co.bw.
    Date: 2026-03-13T12:58:11Z
    Network: telegram
    Published URL: https://t.me/ctifeeds/129150
    Screenshots:
    None
    Threat Actors: Hax.or
    Victim Country: Botswana
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: geshomprojects.co.bw
  41. Alleged Unauthorized Access to Pumping Station Control System in Turkey
    Category: Initial Access
    Content: The group claims to have compromised the control interface of a pumping station associated with an industrial facility in Turkey, alleging that modifications to the control panel disrupted normal operations and affected water management processes.
    Date: 2026-03-13T12:43:00Z
    Network: telegram
    Published URL: https://t.me/armeniancode_eng/72
    Screenshots:
    None
    Threat Actors: Armenian code
    Victim Country: Turkey
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  42. Alleged data breach of the Hebrew University of Jerusalem
    Category: Data Breach
    Content: The threat actor claims to have conducted a large-scale cyber intrusion against the Hebrew University of Jerusalem. According to the actor, all university servers were allegedly compromised in a coordinated operation. They assert that more than 48 TB of educational, research, administrative, financial, and communications data was wiped and permanently destroyed. Additionally, they claim to have exfiltrated over 23 TB of sensitive material, including personal information of students and faculty, emails, official documents, and archival files.
    Date: 2026-03-13T12:28:24Z
    Network: openweb
    Published URL: https://handala-hack.to/hebrew-university-of-jerusalem-hacked/
    Screenshots:
    None
    Threat Actors: Handala Hack
    Victim Country: Israel
    Victim Industry: Education
    Victim Organization: hebrew university of jerusalem
    Victim Site: huji.ac.il
  43. Alleged data breach of Rok Hardware
    Category: Data Breach
    Content: The threat actor claims to be selling 167K records from Rok Hardware, allegedly containing email addresses, passwords, IDs, and more.
    Date: 2026-03-13T11:57:42Z
    Network: openweb
    Published URL: https://breachforums.as/Thread-SELLING-RokHardware-com-167k
    Screenshots:
    None
    Threat Actors: cachecat
    Victim Country: USA
    Victim Industry: Retail Industry
    Victim Organization: rok hardware
    Victim Site: rokhardware.com
  44. Alleged leak of KYC data of Indian citizens
    Category: Data Breach
    Content: The threat actor claims to have leaked KYC data of Indian citizens, allegedly containing sensitive personal and identity information collected during KYC verification processes.
    Date: 2026-03-13T11:44:15Z
    Network: openweb
    Published URL: https://breachforums.as/Thread-DATABASE-DATA-LEAK-KYC-Know-Your-Customer-india
    Screenshots:
    None
    Threat Actors: XZeeoneOfc
    Victim Country: India
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  45. Alleged data breach of Sanaa Water and Sanitation Local Corporation
    Category: Data Breach
    Content: The threat actor claims to have breached data from the Sanaa Water and Sanitation Local Corporation, with the breach allegedly occurring in 2025.
    Date: 2026-03-13T11:35:50Z
    Network: openweb
    Published URL: https://darkforums.su/Thread-Yemen-%E2%80%93-Sana-a-Water-Corporation
    Screenshots:
    None
    Threat Actors: Anonymous2090
    Victim Country: Yemen
    Victim Industry: Government Administration
    Victim Organization: sanaa water and sanitation local corporation
    Victim Site: swslc-yemen.com.ye
  46. Alleged cyber attack on Onet Group
    Category: Cyber Attack
    Content: Group claims responsibility for conducting a cyberattack on ONET Group.
    Date: 2026-03-13T11:28:00Z
    Network: telegram
    Published URL: https://t.me/itarmyofukraine2022/3723
    Screenshots:
    None
    Threat Actors: IT ARMY of Ukraine
    Victim Country: Ukraine
    Victim Industry: Network & Telecommunications
    Victim Organization: onet group
    Victim Site: onet-group.net
  47. Alleged data breach of Njik App
    Category: Data Breach
    Content: The threat actor claims to have breached data from Njik App.
    Date: 2026-03-13T11:27:25Z
    Network: openweb
    Published URL: https://darkforums.su/Thread-Saudi-Arabia-njik-app-data
    Screenshots:
    None
    Threat Actors: Anonymous2090
    Victim Country: Saudi Arabia
    Victim Industry: Hospitality & Tourism
    Victim Organization: njik app
    Victim Site: njik.com.sa
  48. Alleged data sale of Loblaw Companies
    Category: Data Breach
    Content: The threat actor claims to be selling database of Loblaw Companies Limited, the compromised data contains large volumes of sensitive data across multiple internal platforms, including customer information, pharmacy records, e-commerce data, and source code repositories. According to the actor, the alleged breach includes tens to hundreds of millions of records such as customer contact details, loyalty information, prescription-related data linked to Shoppers Drug Mart, payment card details, fraud monitoring records, and user identity data, as well as thousands of source code projects.
    Date: 2026-03-13T11:25:33Z
    Network: openweb
    Published URL: https://darkforums.su/Thread-Loblaw-Data-Breach
    Screenshots:
    None
    Threat Actors: igotafeeling
    Victim Country: Canada
    Victim Industry: Retail Industry
    Victim Organization: loblaw companies limited
    Victim Site: loblaw.ca
  49. We are MONARCH claims to target USA and Israel
    Category: Alert
    Content: The threat actor claims to target both the USA and Israel, specifically referencing the Central Intelligence Agency (CIA), the Mossad, and Rafael Advanced Defense Systems, along with unspecified systems in Israel’s nuclear sector
    Date: 2026-03-13T11:17:55Z
    Network: telegram
    Published URL: https://t.me/c/2869875394/367
    Screenshots:
    None
    Threat Actors: We are MONARCH
    Victim Country: Israel
    Victim Industry: International Affairs
    Victim Organization: cia
    Victim Site: cia.gov
  50. Alleged Sale of Kenya Government Admin Dashboard
    Category: Initial Access
    Content: The group claims to be selling Kenya government admin dashboard credentials.
    Date: 2026-03-13T11:15:05Z
    Network: telegram
    Published URL: https://t.me/c/2705921599/216
    Screenshots:
    None
    Threat Actors: Z-Root
    Victim Country: Kenya
    Victim Industry: Government Administration
    Victim Organization: Unknown
    Victim Site: Unknown
  51. Alleged sale of unauthorized admin access to Sanatoriums and Resorts of Ukraine
    Category: Initial Access
    Content: Threat Actor claims to be selling unauthorized admin access to Sanatoriums and Resorts of Ukraine.
    Date: 2026-03-13T10:51:48Z
    Network: openweb
    Published URL: https://breachforums.as/Thread-admin-panel-zahidkurort-com-ua
    Screenshots:
    None
    Threat Actors: GoogleAdmin
    Victim Country: Ukraine
    Victim Industry: Leisure & Travel
    Victim Organization: sanatoriums and resorts of ukraine
    Victim Site: zahidkurort.com.ua
  52. Alleged data leak of Pegawai DISKOMINFO
    Category: Data Breach
    Content: The threat actor claims to have leaked 40 employees data records allegedly belonging to Pegawai DISKOMINFO, reportedly containing information such as name, NIP, status, place of birth, date of birth, KK number, NIK, NPWP, ASKES number, religion, and more.
    Date: 2026-03-13T10:49:01Z
    Network: openweb
    Published URL: https://breachforums.as/Thread-DUMP-Database-Pegawai-DISKOMINFO-40-Records
    Screenshots:
    None
    Threat Actors: kyzo
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  53. Alleged data breach of BAYDÖNER
    Category: Data Breach
    Content: The threat actor claims to have breached 3.7 million records from BAYDÖNER, allegedly including 2 million user records, 1.5 million CRM customer records, and 200,000 order records.
    Date: 2026-03-13T10:42:56Z
    Network: openweb
    Published URL: https://breachforums.as/Thread-DATABASE-Bayd%C3%B6ner-%E2%80%94-Full-DB-Breach-3-7M-Records
    Screenshots:
    None
    Threat Actors: TurkGuvenlik
    Victim Country: Turkey
    Victim Industry: Restaurants
    Victim Organization: baydöner
    Victim Site: baydoner.com
  54. Alleged data leak of Tungkaran Prince Village
    Category: Data Breach
    Content: The threat actor claims to have leaked data from from Tungkaran Prince Village, allegedly containing residents’ personal information such as NIK (national identification numbers), names, and RT details.
    Date: 2026-03-13T10:40:45Z
    Network: openweb
    Published URL: https://breachforums.as/Thread-DATA-BDT-basis-data-terpadu-KELURAHAN-TUNGKARAN-PANGERAN
    Screenshots:
    None
    Threat Actors: MRLUCK
    Victim Country: Indonesia
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  55. Alleged data leak of the General Directorate of Human Resources in Aguascalientes, Mexico
    Category: Data Breach
    Content: The threat actor claims to have leaked a database allegedly belonging to the General Directorate of Human Resources in Aguascalientes, Mexico, containing employee information such as full names, paternal and maternal surnames, CURP, RFC, shift details, job classification, hours worked, and work center information.
    Date: 2026-03-13T10:30:22Z
    Network: openweb
    Published URL: https://breachforums.as/Thread-DATABASE-M%C3%89XICO-DIRECCI%C3%93N-GENERAL-DE-RECURSOS-HUMANOS-AGUASCALIENTES
    Screenshots:
    None
    Threat Actors: MagoSpeak
    Victim Country: Mexico
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  56. Alleged leak of records from Chinese online gambling platforms
    Category: Data Breach
    Content: The threat actor claims to be selling a dataset containing more than 6.55 million records sourced from multiple Chinese online gambling environments.
    Date: 2026-03-13T10:28:42Z
    Network: telegram
    Published URL: https://t.me/c/3745504505/1068
    Screenshots:
    None
    Threat Actors: Whale Market
    Victim Country: China
    Victim Industry: Gambling & Casinos
    Victim Organization: Unknown
    Victim Site: Unknown
  57. Alleged Sale of Unauthorized VPN Access to Slovak Manufacturing Company
    Category: Initial Access
    Content: The threat actor claims to be selling unauthorized VPN access to a manufacturing company in Slovakia.
    Date: 2026-03-13T10:24:58Z
    Network: openweb
    Published URL: https://forum.exploit.in/topic/278217/
    Screenshots:
    None
    Threat Actors: personX
    Victim Country: Slovakia
    Victim Industry: Manufacturing
    Victim Organization: Unknown
    Victim Site: Unknown
  58. Alleged data sale of Gauteng Provincial Government
    Category: Data Breach
    Content: The threat actor claims to be selling 3.8 TB of data from the Gauteng Provincial Government, allegedly related to government departments, public programs, healthcare, education, housing, and economic development initiatives.
    Date: 2026-03-13T10:23:37Z
    Network: openweb
    Published URL: https://breachforums.as/Thread-SELLING-Gauteng-Provincial-Government-Breach-3-8-TB-www-gauteng-gov-za
    Screenshots:
    None
    Threat Actors: XP95
    Victim Country: South Africa
    Victim Industry: Government Administration
    Victim Organization: gauteng provincial government
    Victim Site: gauteng.gov.za
  59. Alleged data leak of qnqb.com
    Category: Data Breach
    Content: The group claims to have leaked database, with a total volume of 72M data records from qnqb.com
    Date: 2026-03-13T10:05:00Z
    Network: telegram
    Published URL: https://t.me/c/3745504505/1069
    Screenshots:
    None
    Threat Actors: Whale Market
    Victim Country: China
    Victim Industry: Gambling & Casinos
    Victim Organization: Unknown
    Victim Site: qnqb.com
  60. Alleged leak of data from unidentified Chinese online gambling platform
    Category: Data Breach
    Content: The threat actor claims to be selling a dataset allegedly sourced from an unidentified Chinese online gambling platform.The material includes user information such as real-name identifiers, contact numbers, partial payment account indicators, password hashes, login IP addresses, and detailed betting/deposit histories.
    Date: 2026-03-13T10:04:54Z
    Network: telegram
    Published URL: https://t.me/c/3745504505/1064
    Screenshots:
    None
    Threat Actors: Whale Market
    Victim Country: China
    Victim Industry: Gambling & Casinos
    Victim Organization: Unknown
    Victim Site: xpj.8883888.top
  61. Alleged leak of Chinese online gambling platform data
    Category: Data Breach
    Content: The threat actor claims to have leaked over 400,000 records from a Chinese online gambling platform. The exposed dataset reportedly contains user-level information including account identifiers, names, IP addresses, real-world location data, recharge and withdrawal histories, discount values, telephone numbers, and client bundle version IDs.
    Date: 2026-03-13T09:54:54Z
    Network: telegram
    Published URL: https://t.me/c/3745504505/1063
    Screenshots:
    None
    Threat Actors: Whale Market
    Victim Country: China
    Victim Industry: Gambling & Casinos
    Victim Organization: Unknown
    Victim Site: vywbwc5r.8555xzl2.cc
  62. Starbucks suffers Data Breach
    Category: Data Breach
    Content: Starbucks disclosed a data breach affecting hundreds of employees after attackers gained access to 889 Starbucks Partner Central accounts, an internal platform used to manage HR and employment information. The attackers obtained login credentials through websites impersonating the Partner Central portal, allowing unauthorized access between January 19 and February 11. Exposed data may include employee names, Social Security numbers, dates of birth, and financial account details. Starbucks has notified law enforcement and is offering two years of credit monitoring and identity-theft protection to affected employees.
    Date: 2026-03-13T09:52:32Z
    Network: openweb
    Published URL: https://www.bleepingcomputer.com/news/security/starbucks-discloses-data-breach-affecting-hundreds-of-employees/
    Screenshots:
    None
    Threat Actors: Unknown
    Victim Country: USA
    Victim Industry: Food & Beverages
    Victim Organization: starbucks
    Victim Site: starbucks.com
  63. Order403 claims to target Cuba
    Category: Alert
    Content: A recent post by the group indicates that they are targeting Cuba.
    Date: 2026-03-13T09:46:41Z
    Network: telegram
    Published URL: https://t.me/ord403/17
    Screenshots:
    None
    Threat Actors: Order403
    Victim Country: Cuba
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  64. Alleged data sale of Therapeutes.com
    Category: Data Breach
    Content: The threat actor claims to be selling data from Therapeutes.com, allegedly containing sensitive information on 71,502 patients and 199,697 therapy appointments, including 56,225 consultation records and 23,492 entries with therapy reasons.
    Date: 2026-03-13T09:29:28Z
    Network: openweb
    Published URL: https://breachforums.as/Thread-SELLING-FR-Therapeutes-com
    Screenshots:
    None
    Threat Actors: HexDex
    Victim Country: France
    Victim Industry: Health & Fitness
    Victim Organization: therapeutes.com
    Victim Site: therapeutes.com
  65. SOLO APT by Kafir claims to target Tamasha
    Category: Alert
    Content: A recent post by the group indicates that they are targeting Tamasha.
    Date: 2026-03-13T09:25:37Z
    Network: telegram
    Published URL: https://t.me/Solo_apt_by_kafir/96
    Screenshots:
    None
    Threat Actors: SOLO APT by Kafir
    Victim Country: Pakistan
    Victim Industry: Entertainment & Movie Production
    Victim Organization: tamasha
    Victim Site: tamashaweb.com
  66. BABAYO EROR SYSTEM targets the website of nicholasmartin.omcdemosites.com
    Category: Defacement
    Content: The group claims to have defaced the website of nicholasmartin.omcdemosites.com
    Date: 2026-03-13T09:23:47Z
    Network: telegram
    Published URL: https://t.me/c/3865526389/136
    Screenshots:
    None
    Threat Actors: BABAYO EROR SYSTEM
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: nicholasmartin.omcdemosites.com
  67. BABAYO EROR SYSTEM targets the website of vailinsurance.omcdemosites.com
    Category: Defacement
    Content: The group claims to have defaced the website of vailinsurance.omcdemosites.com
    Date: 2026-03-13T09:21:18Z
    Network: telegram
    Published URL: https://t.me/c/3865526389/136
    Screenshots:
    None
    Threat Actors: BABAYO EROR SYSTEM
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: vailinsurance.omcdemosites.com
  68. Cyber ​​Islamic resistance targets the website of lvperfumers.com
    Category: Defacement
    Content: The group claims to have defaced the website of lvperfumers.com.
    Date: 2026-03-13T09:10:27Z
    Network: telegram
    Published URL: https://t.me/CIR48/1730
    Screenshots:
    None
    Threat Actors: Cyber ​​Islamic resistance
    Victim Country: Unknown
    Victim Industry: Other Industry
    Victim Organization: Unknown
    Victim Site: lvperfumers.com
  69. Cyber ​​Islamic resistance targets the website of Diamond Finance Pvt. Ltd.
    Category: Defacement
    Content: The group claims to have defaced the website of Diamond Finance Pvt. Ltd.
    Date: 2026-03-13T09:08:44Z
    Network: telegram
    Published URL: https://t.me/CIR48/1730
    Screenshots:
    None
    Threat Actors: Cyber ​​Islamic resistance
    Victim Country: India
    Victim Industry: Financial Services
    Victim Organization: diamond finance pvt. ltd.
    Victim Site: diamondfinancepvt.com
  70. Alleged unauthorized access to Rafael Next-Generation Battle Management and Control Systems
    Category: Initial Access
    Content: Group claims to have obtained unauthorized access to the Rafael Next-Generation Battle Management and Control (BMC) and communication systems in Israel.
    Date: 2026-03-13T08:19:39Z
    Network: telegram
    Published URL: https://t.me/c/2869875394/366
    Screenshots:
    None
    Threat Actors: We are MONARCH
    Victim Country: Israel
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  71. Alleged leak of login credentials to Fernando Alarcon Lisci
    Category: Initial Access
    Content: The group claims to have leaked login credentials to Fernando Alarcon Lisci.
    Date: 2026-03-13T08:01:05Z
    Network: telegram
    Published URL: https://t.me/c/2433981896/1237
    Screenshots:
    None
    Threat Actors: DEFACER INDONESIAN TEAM
    Victim Country: Spain
    Victim Industry: Marketing, Advertising & Sales
    Victim Organization: fernando alarcon lisci
    Victim Site: liscimeanssmooth.com
  72. Alleged data breach of Knowledge Management Scitech VRU
    Category: Data Breach
    Content: The group claims to have breached the database and leaked the login credentials of Knowledge Management Scitech VRU.
    Date: 2026-03-13T07:39:31Z
    Network: telegram
    Published URL: https://t.me/blueshadow67/238?single
    Screenshots:
    None
    Threat Actors: Blue Shadow
    Victim Country: Thailand
    Victim Industry: Education
    Victim Organization: knowledge management scitech vru
    Victim Site: kmsci.vru.ac.th
  73. Alleged leak of login credentials to INOU LATAM
    Category: Initial Access
    Content: The group claims to have leaked login credentials to INOU LATAM.
    Date: 2026-03-13T07:16:38Z
    Network: telegram
    Published URL: https://t.me/c/2433981896/1223
    Screenshots:
    None
    Threat Actors: DEFACER INDONESIAN TEAM
    Victim Country: Panama
    Victim Industry: Information Technology (IT) Services
    Victim Organization: inou latam
    Victim Site: web.inou.app
  74. Alleged leak of login access to Inou
    Category: Initial Access
    Content: The group claims to have leaked login access to Inou.
    Date: 2026-03-13T07:14:05Z
    Network: telegram
    Published URL: https://t.me/c/2433981896/1228
    Screenshots:
    None
    Threat Actors: DEFACER INDONESIAN TEAM
    Victim Country: Panama
    Victim Industry: Software
    Victim Organization: inou
    Victim Site: web.inou.app
  75. Alleged data breach of Punjab Sahulat Bazaars Authority
    Category: Data Breach
    Content: The group claims to have breached 6.5 GB of data from Punjab Sahulat Bazaars Authority. The compromised data includes usernames, passwords, mobile numbers, emails, shop IDs, shop addresses, and shop owner details.
    Date: 2026-03-13T07:06:54Z
    Network: telegram
    Published URL: https://t.me/Solo_apt_by_kafir/78
    Screenshots:
    None
    Threat Actors: SOLO APT by Kafir
    Victim Country: Pakistan
    Victim Industry: Government Administration
    Victim Organization: punjab sahulat bazaars authority
    Victim Site: psba.gop.pk
  76. Hax.or targets the website of opsi.ponyhost.xyzv
    Category: Defacement
    Content: The group claims to have defaced the website of opsi.ponyhost.xyzv.
    Date: 2026-03-13T07:03:05Z
    Network: telegram
    Published URL: https://t.me/ctifeeds/129145
    Screenshots:
    None
    Threat Actors: Hax.or
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: opsi.ponyhost.xyzv
  77. Alleged data breach of Nayatel
    Category: Data Breach
    Content: The group claims to have breached the database of Nayatel. The compromised dataset allegedly contains user name, first name, last name, mobile number, e-mail etc.
    Date: 2026-03-13T06:53:54Z
    Network: telegram
    Published URL: https://t.me/Solo_apt_by_kafir/81
    Screenshots:
    None
    Threat Actors: SOLO APT by Kafir
    Victim Country: Pakistan
    Victim Industry: Network & Telecommunications
    Victim Organization: nayatel
    Victim Site: nayatel.com
  78. Alleged sale of unauthorized network access to unidentified French banking subsidiary
    Category: Initial Access
    Content: Threat actor claims to be selling unauthorized access to the network of a French asset management company affiliated with Crédit Mutuel Alliance Fédérale, allegedly including Citrix NetScaler sessions, Azure accounts, Entra ID applications, SQL backups, and internal source code.
    Date: 2026-03-13T05:57:41Z
    Network: openweb
    Published URL: https://breachforums.as/Thread-Access-French-banking-subsidiary
    Screenshots:
    None
    Threat Actors: happywalad
    Victim Country: France
    Victim Industry: Financial Services
    Victim Organization: Unknown
    Victim Site: Unknown
  79. Alleged Data Leak of Unidentified Organization in Canada
    Category: Data Breach
    Content: Threat actor claims to be selling Canadian fullz containing personal and financial information of individuals in Canada. The listing allegedly includes full name, SIN, date of birth, address, email, phone number, and bank-related information, along with supporting documents such as driver’s licenses, passports, and void checks.
    Date: 2026-03-13T05:49:37Z
    Network: openweb
    Published URL: https://forum.exploit.in/topic/278203/
    Screenshots:
    None
    Threat Actors: Payload
    Victim Country: Canada
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  80. Alleged sale of mail: pass corporate data
    Category: Data Breach
    Content: Threat actor claims to be leaking a database containing approximately 10,000 email:password combinations allegedly belonging to corporate and personal accounts. The listing states the dataset includes credentials from US and EU users, advertised as a private combo database suitable for brute-force or spam activities, with a mix of valid and invalid email accounts.
    Date: 2026-03-13T05:46:18Z
    Network: openweb
    Published URL: https://forum.exploit.in/topic/278188/
    Screenshots:
    None
    Threat Actors: PeachesNCream
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  81. Hax.or targets the website of Labeaute Clinic
    Category: Defacement
    Content: The group claims to have defaced the website of Labeaute Clinic
    Date: 2026-03-13T04:59:27Z
    Network: telegram
    Published URL: https://t.me/ctifeeds/129133
    Screenshots:
    None
    Threat Actors: Hax.or
    Victim Country: Kuwait
    Victim Industry: Hospital & Health Care
    Victim Organization: labeaute clinic
    Victim Site: labeaute.com.kw
  82. Alleged leak of IBAN data from Spain
    Category: Data Breach
    Content: Threat actor claims to have leaked the dataset allegedly containing Spanish financial lead data associated with IBAN numbers.
    Date: 2026-03-13T04:56:39Z
    Network: openweb
    Published URL: https://darkforums.su/Thread-DATABASE-SP%C3%81IN-LEADS-IBAN
    Screenshots:
    None
    Threat Actors: injectioninferno2
    Victim Country: Spain
    Victim Industry: Financial Services
    Victim Organization: Unknown
    Victim Site: Unknown
  83. Alleged Sale of Private Crypto, AI, and Finance Databases
    Category: Data Breach
    Content: The threat actor claims to be selling multiple datasets allegedly related to cryptocurrency platforms, AI services, and finance-related websites.
    Date: 2026-03-13T04:28:44Z
    Network: openweb
    Published URL: https://breachforums.as/Thread-SELLING-Private-Crypto-Data
    Screenshots:
    None
    Threat Actors: Sythe
    Victim Country: Unknown
    Victim Industry: Financial Services
    Victim Organization: btc.allo.xyz
    Victim Site: btc.allo.xyz
  84. Alleged Sale of IBAN Spain Leads Dataset
    Category: Data Breach
    Content: The threat actor claims to have leaked the dataset allegedly containing Spanish financial lead data associated with IBAN numbers.
    Date: 2026-03-13T04:15:36Z
    Network: openweb
    Published URL: https://breachforums.as/Thread-IBAN-SPAIN-LEADS
    Screenshots:
    None
    Threat Actors: injectioninferno
    Victim Country: Spain
    Victim Industry: Financial Services
    Victim Organization: Unknown
    Victim Site: Unknown
  85. Alleged data breach of P1000
    Category: Data Breach
    Content: The threat actor claims to have breached the database of the Israeli online shopping website P1000, and the dataset allegedly contains customer personal information, including identity/customer card numbers, email addresses, names, phone numbers, addresses, and passwords.
    Date: 2026-03-13T04:13:41Z
    Network: telegram
    Published URL: https://t.me/IndoHaxSec3/71
    Screenshots:
    None
    Threat Actors: INDOHAXSEC
    Victim Country: Israel
    Victim Industry: E-commerce & Online Stores
    Victim Organization: p1000
    Victim Site: p1000.co.il
  86. Alleged Data Breach of ICFES
    Category: Data Breach
    Content: The threat actor claims to have breached the database of ICFES, and the dataset allegedly contains personal information related to Colombian citizens and educational records its over 30 million individual data.
    Date: 2026-03-13T03:48:06Z
    Network: openweb
    Published URL: https://breachforums.as/Thread-DATABASE-ICFES-DATA-LEAK-100GB
    Screenshots:
    None
    Threat Actors: CryptoDead
    Victim Country: Colombia
    Victim Industry: Government Relations
    Victim Organization: instituto colombiano para la evaluación de la educación (icfes)
    Victim Site: icfes.gov.co
  87. Alleged Leak of Iranian Educational Institution Data
    Category: Data Breach
    Content: The threat actor claims to have leaked a dataset allegedly belonging to an Iranian educational institution, containing personal information and related documents.
    Date: 2026-03-13T03:28:11Z
    Network: openweb
    Published URL: https://breachforums.as/Thread-COLLECTION-Iranian-Educational-Data-Leaks-2026
    Screenshots:
    None
    Threat Actors: PhantomSY
    Victim Country: Iran
    Victim Industry: Education
    Victim Organization: Unknown
    Victim Site: Unknown
  88. 313 Team targets the website of hopokw.com
    Category: Defacement
    Content: The group claims to have defaced the website of hopokw.comNB: The authenticity yet to be verified
    Date: 2026-03-13T03:08:33Z
    Network: telegram
    Published URL: https://t.me/xX313XxTeam/721?single
    Screenshots:
    None
    Threat Actors: 313 Team
    Victim Country: Kuwait
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: hopokw.com
  89. 313 Team targets the website of grillokw.com
    Category: Defacement
    Content: The group claims to have defaced the website of grillokw.comNB: The authenticity yet to be verified
    Date: 2026-03-13T03:03:47Z
    Network: telegram
    Published URL: https://t.me/xX313XxTeam/721
    Screenshots:
    None
    Threat Actors: 313 Team
    Victim Country: Kuwait
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: grillokw.com
  90. Alleged Data Breach of Amazing Lock and Key
    Category: Data Breach
    Content: Threat actor claims to be leaking a database allegedly associated with Amazing Lock & Key linked to the domain amazinglockandkey.com.
    Date: 2026-03-13T00:33:24Z
    Network: openweb
    Published URL: https://darknetarmy.io/threads/dump-a-amazinglockandkey-com.89400/
    Screenshots:
    None
    Threat Actors: Shadow Warrior
    Victim Country: USA
    Victim Industry: Professional Services
    Victim Organization: amazing lock and key
    Victim Site: a-amazinglockandkeys.com
  91. TELUS Digital suffers Data Breach
    Category: Data Breach
    Content: TELUS Digital was reportedly subjected to a data breach by the hacker group ShinyHunters. The attackers claim they gained unauthorized access to the company’s systems and stole nearly 1 petabyte of data during a multi-month intrusion. According to the group, the breach was carried out using Google Cloud Platform credentials allegedly obtained from data exposed in the Salesloft Drift breach, enabling them to access multiple internal systems and extract large datasets related to customer support operations and telecommunications services.
    Date: 2026-03-13T00:32:28Z
    Network: openweb
    Published URL: https://www.bleepingcomputer.com/news/security/telus-digital-confirms-breach-after-hacker-claims-1-petabyte-data-theft/
    Screenshots:
    None
    Threat Actors: Unknown
    Victim Country: Canada
    Victim Industry: Information Technology (IT) Services
    Victim Organization: telus digital
    Victim Site: telusdigital.com
  92. Alleged Data Leak of NASA Research Projects
    Category: Data Breach
    Content: Threat actor claims to be leaking a PDF document allegedly related to classified research projects of NASA. The file reportedly contains specific research details and personal contact information.
    Date: 2026-03-13T00:20:04Z
    Network: openweb
    Published URL: https://xforums.st/threads/usa-classified-nasa-research-projects-doc.532711/
    Screenshots:
    None
    Threat Actors: jrintel
    Victim Country: USA
    Victim Industry: Research Industry
    Victim Organization: Unknown
    Victim Site: Unknown
  93. Alleged sale of 150 Ireland card records
    Category: Data Breach
    Content: Threat actor claims to be selling 150 card records from Ireland. The compromised data reportedly includes card number, cvv, first name, last name, street etc.
    Date: 2026-03-13T00:18:36Z
    Network: openweb
    Published URL: https://forum.exploit.in/topic/278125/
    Screenshots:
    None
    Threat Actors: urbsnv
    Victim Country: Ireland
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown

Related Posts