[February-8-2026] Daily Cybersecurity Threat Report

Posted on

1. Executive Summary

On February 8, 2026, a significant surge in cyber activity was observed, characterized by a diverse range of attack vectors including massive data breaches, website defacements, and the sale of initial access credentials. The provided dataset details incidents affecting organizations across the globe, with notable concentrations in France, Indonesia, India, and the Middle East.

Key observations include:

  • High-Volume Data Breaches: Major breaches involving millions of records were reported, such as the alleged leak of 10 million records from Pôle Emploi in France and 80 million credit card records.+1
  • Targeted Defacement Campaigns: Groups like “Global Error System” and “Cyb3r Drag0nz” executed coordinated defacement campaigns, primarily targeting Indonesian media and Syrian entities.+2
  • Sector Vulnerability: The Education and Government sectors were disproportionately targeted, with numerous universities and public sector databases (including social assistance data) compromised.+2
  • Infrastructure & ICS Attacks: Alarmingly, there were multiple reports of unauthorized access to industrial control systems (ICS) and building automation systems, specifically in Poland and Italy.+3

2. Threat Landscape Analysis

2.1. Attack Categories Overview

The incidents fall into three primary categories:

  1. Data Breaches: The unauthorized exfiltration and leaking (or selling) of sensitive databases. This was the most prevalent category.
  2. Defacements: The visual alteration of websites to signal compromise, often motivated by “hacktivism” or reputation building.
  3. Initial Access: The sale or sharing of unauthorized access methods (RDP, VPN, Admin panels) to corporate networks.

2.2. Geographic Distribution

The data indicates a global spread of victims:

  • Europe: heavily impacted, particularly France (Pôle Emploi, SOS Médecins) and Italy (Municipality of Aymavilles).
  • Asia-Pacific: Significant activity in Indonesia (Government social funds, media outlets) and India (Education, IT services).
  • Middle East: Frequent targeting of Saudi Arabia, Israel, and UAE, often involving credential leaks by actors like “A K U L A v 2”.
  • Americas: Incidents in the USA (Fossil Group, Chess.com), Brazil, and Mexico.

3. Detailed Incident Analysis: Data Breaches

The following section details significant data breaches, categorized by industry.

3.1. Government and Public Sector

The public sector faced severe compromises involving sensitive citizen data.

  • France – Pôle Emploi: A threat actor named “Kirigaya” claimed to sell a database containing approximately 10 million records from the French employment agency. The data allegedly includes National ID numbers (NIR), full names, and agency details.+1
  • Indonesia – Social Assistance (Bansos): Actor “1LH4MZXSEC” leaked a database of 2025 social assistance beneficiaries. This leak exposes names, addresses, and allocation details for government welfare recipients. The same actor also leaked financial realization data for West Java.+2
  • Mexico – Quintana Roo: A breach of the Government of Quintana Roo allegedly exposed 28,332 student records, including gender, age, and emails.
  • Armenia – National IDs: A dataset containing 3,500 scanned images of Armenian national ID cards was put up for sale.

3.2. Education and Academia

Educational institutions were a primary target for database dumps and credential leaks.

  • Morocco – Al Akhawayn University: A full database dump of the university was released by actor “anisanas2”.
  • Saudi Arabia – Umm Al-Qura University: Login credentials for the university were leaked on Telegram.
  • USA – University of California: The group “LunarisSec” claimed to have leaked data from the University of California.
  • India – Student Records: A massive leak involving unidentified Indian educational databases exposed student names, roll numbers, parents’ names, and academic marks.
  • France – UNSS: The Union Nationale du Sport Scolaire suffered a breach exposing personal records of minors.+4

3.3. Healthcare and Emergency Services

Attacks on healthcare providers pose immediate risks to patient privacy and safety.

  • France – SOS Médecins Bordeaux: Actor “Kirigaya” claimed to have breached this emergency medical service, exposing sensitive patient and emergency service records.
  • Saudi Arabia – Private Clinics: Unauthorized RDP and shell access to private clinics was offered for sale.

3.4. Financial Services and Cryptocurrency

Financial institutions faced both credential leaks and database breaches.

  • Global – Credit Cards: A massive dump of 80 million credit card records (CCV) was offered, with validity allegedly extending to 2039.
  • Bahrain – EazyPay & SNIC Insurance: Credential leaks targeted Eazy Financial Services and SNIC Insurance.+4
  • Australia – Caleb and Brown: A database from this cryptocurrency brokerage was leaked, containing sorted email records.
  • UAE – Abu Dhabi Islamic Bank: Login credentials for the bank were leaked on Telegram.+4
  • Venezuela – Banco Plaza: Internal banking documents related to customer identification were breached.

3.5. Corporate and Retail

Retailers and service providers were targeted for customer databases.

  • USA – Fossil Group: Data from the watch and accessory maker Fossil Group, Inc. was leaked.
  • France – Murphy: A JSON dataset of approximately 496,525 records from Murphy.fr was sold, including customer IDs and emails.
  • Ukraine – Bile Suhe: A large OpenCart database dump was released, containing orders, IP addresses, and customer details.
  • India – Jacobite Matrimony: A backup database of a dating platform was sold, containing PII of over 1,000 members.

4. Detailed Incident Analysis: Industrial Control Systems (ICS) & Infrastructure

Attacks on physical infrastructure and control systems represent a critical escalation in threat severity.

  • Poland – Car Wash Systems: The “Infrastructure Destruction Squad” claimed access to an exposed industrial control system for “ANNETTE” car wash operations. The access allowed for monitoring temperatures and controlling operational states.+3
  • Italy – Municipality of Aymavilles: The group “NoName057(16)” accessed building automation systems at the former Hotel Suisse. This compromised HVAC and hot water controls, allowing the attackers to manipulate valves, pumps, and temperature settings.+1
  • Italy – HVAC Control: Separately, the “Z-PENTEST ALLIANCE” claimed access to another Italian HVAC system, allowing modification of humidity and fan settings.
  • USA – Research System: The “Infrastructure Destruction Squad” also claimed access to a research-oriented control system in the US.+2

5. Detailed Incident Analysis: Defacement Campaigns

Several threat actor groups engaged in high-volume defacement activities.

  • Global Error System: This group conducted a rapid-fire campaign against Indonesian websites. Targets included:
    • MIN 12 Banjar (Education).
    • TravelTour (Travel).
    • BeritaPosPublikNews (Media).
    • InfoDaerahOnline (Media).
    • NusantaraNews (Media).
  • Cyb3r Drag0nz: This group focused on Syrian targets, defacing websites related to card services, including digicards.sy, mycards.sy, and syria-cards.sy.+1
  • BABAYO EROR SYSTEM: Targeted Al Hareb Marine in the UAE and MIB Consultants in India.+1

6. Threat Actor Profiling

Based on the dataset, several threat actors demonstrated high capabilities and operational tempo.

6.1. Kirigaya (also “0xKirigaya”)

  • Activity: Extremely high. Responsible for some of the largest breaches in the dataset.
  • Targets: Heavily focused on France (Pôle Emploi, SOS Médecins, UNSS, Cigarette Electronique Toulouse) but also targeted the UK (Joy), Brazil (A2IT), Bangladesh (OCMSBD), and the USA (Chess.com).
  • Modus Operandi: Leaking large SQL and JSON databases containing PII.
  • Key Incidents:.+4

6.2. A K U L A v 2

  • Activity: High frequency of credential leaks.
  • Targets: Focused on the Middle East (Israel, Saudi Arabia, Bahrain, Iran, Iraq, UAE).
  • Sectors: Financial services, Education, IT, and Telecommunications.
  • Modus Operandi: Leaking login credentials on Telegram.
  • Key Incidents:.+4

6.3. Infrastructure Destruction Squad

  • Activity: Targeted unauthorized access to control systems.
  • Targets: Industrial systems in Poland, Brazil, and the USA.
  • Modus Operandi: Gaining access to interfaces (likely via exposed ports or weak credentials) that control physical equipment (HVAC, Car washes).
  • Key Incidents:.+2

6.4. Global Error System

  • Activity: Rapid, low-sophistication defacements.
  • Targets: Indonesian media and small business subdomains (https://www.google.com/search?q=.stoedioportal.com).
  • Modus Operandi: Mass defacement of web servers.
  • Key Incidents:.

7. Regional Deep Dive

7.1. France

France experienced a severe wave of cyberattacks. The most critical was the Pôle Emploi breach, potentially affecting millions of citizens. The targeting of SOS Médecins Bordeaux indicates a disregard for critical health infrastructure. Additionally, retail and real estate sectors (ImmoPop, Murphy) were hit, suggesting a broad campaign by actor “Kirigaya” to harvest French PII.+1

7.2. Indonesia

Indonesia faced a dual threat: politically sensitive data leaks and mass defacements. The leak of the 2025 Bansos (social assistance) database and West Java financial data by “1LH4MZXSEC” suggests politically motivated hacktivism or an attempt to undermine government trust. Simultaneously, “Global Error System” and “UNDERGROUND-NET” conducted widespread website vandalism.+1

7.3. Middle East (Israel, Saudi Arabia, UAE, Iran)

This region saw a high volume of credential leaks rather than massive database dumps. Actor “A K U L A v 2” systematically targeted specific institutions like the Arab National Bank and Umm Al-Qura University. The recurring nature of these leaks suggests persistent access or a successful phishing campaign targeting the region’s digital infrastructure.+1

8. Vulnerabilities and Tools

The reports highlight several specific vulnerabilities and tools used by attackers:

  • SQL Injection (SQLi): Explicitly mentioned in the breaches of A2IT and Lenovo Asia Regions Logistics.+1
  • RDP/Shell Access: Sold for private clinics in Saudi Arabia and European file hosting infrastructure.+1
  • Root-Level RCE: Threat actor “miyako” claimed to sell root-level Remote Code Execution access to a private AI business platform.
  • Malware/Tools: A “DAEMON Engine AIO Checker” was released for cracking accounts on services like Netflix and PayPal.

9. Conclusion

The cyber incidents reported on February 8, 2026, illustrate a volatile and aggressive threat landscape.

  1. Data as a Commodity: The sheer volume of PII available for sale—from French unemployment records to Indonesian welfare data—confirms that personal data remains a primary currency for cybercriminals.
  2. Infrastructure Risk: The successful access to HVAC and industrial systems in Europe and the US highlights a critical gap in OT (Operational Technology) security. These systems are increasingly connected to the internet, making them vulnerable to actors like the “Infrastructure Destruction Squad.”
  3. Actor Specialization: The landscape is divided between “bulk leakers” like Kirigaya who compromise massive datasets, “access brokers” like Big-Bro and miyako who sell entry points, and “hacktivists” like Global Error System who focus on visibility through defacement.

Organizations, particularly in the Government, Education, and Healthcare sectors, must urgently review their exposure to SQL injection vulnerabilities and secure remote access points (RDP/VPN) to mitigate these observed threats.

Detected Incidents Draft Data

  1. Alleged data breach of Jacobite Matrimony
    Category: Data Breach
    Content: The threat actor claims to be selling/leaking a backup database of the Jacobite Matrimony dating platform, which allegedly contains over 1,000 unique user records including personal email addresses and other personally identifiable information (PII) of registered members.
    Date: 2026-02-08T23:00:49Z
    Network: openweb
    Published URL: https://breachforums.cz/index.php?threads/jacobite-matrimony-dating-site.353/
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/eb322f14-dc03-4f79-8b9c-1c037eba9ebc.png
    Threat Actors: ScorpionKing
    Victim Country: India
    Victim Industry: E-commerce & Online Stores
    Victim Organization: jacobite matrimony
    Victim Site: jacobitesmatrimonial.com
  2. Alleged leak of login credentials to Diriyah Gate Development Authority
    Category: Data Breach
    Content: The group claims to have leaked login credentials to Diriyah Gate Development Authority
    Date: 2026-02-08T22:56:20Z
    Network: telegram
    Published URL: https://t.me/c/2451084701/545241
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/b6721e38-79c8-4b64-8a79-e42c2561ac2a.png
    Threat Actors: Buscador
    Victim Country: Saudi Arabia
    Victim Industry: Government Administration
    Victim Organization: diriyah gate development authority
    Victim Site: dgda.gov.sa
  3. Cyb3r Drag0nz targets the website of digicards.sy
    Category: Defacement
    Content: The group claims to have defaced the website of digicards.sy
    Date: 2026-02-08T22:55:41Z
    Network: telegram
    Published URL: https://t.me/c/3504564040/149
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/bf36d91d-a2e0-4f17-9adc-327c0fbb5a80.jpg
    Threat Actors: Cyb3r Drag0nz
    Victim Country: Syria
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: digicards.sy
  4. Alleged data breach of Murphy
    Category: Data Breach
    Content: A threat actor claims to be selling a database allegedly associated with Murphy.fr. The dataset is described as being in JSON format and reportedly contains approximately 496,525 records dated to 2025. the exposed data may include customer information such as IDs, email addresses, and first and last names.
    Date: 2026-02-08T22:48:01Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-FR-murphy-fr
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/c5e98093-db8d-42bb-acf2-a262b28876d4.png
    Threat Actors: 0xKirigaya
    Victim Country: France
    Victim Industry: Software
    Victim Organization: murphy
    Victim Site: murphy.fr
  5. Cyb3r Drag0nz targets the website of mycards.sy
    Category: Defacement
    Content: The group claims to have defaced the website of mycards.sy
    Date: 2026-02-08T22:41:42Z
    Network: telegram
    Published URL: https://t.me/c/3504564040/150
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/9ce97121-b984-42bd-b305-ed3d1b24344c.png
    Threat Actors: Cyb3r Drag0nz
    Victim Country: Syria
    Victim Industry: Unknown
    Victim Organization: my cards
    Victim Site: mycards.sy
  6. Cyb3r Drag0nz targets the website of Syria Cards
    Category: Defacement
    Content: The group claims to have defaced the website of Syria Cards
    Date: 2026-02-08T22:29:50Z
    Network: telegram
    Published URL: https://t.me/c/3504564040/148
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/b65e94b0-8ed4-4150-803b-97ac060d08b5.png
    Threat Actors: Cyb3r Drag0nz
    Victim Country: Syria
    Victim Industry: Unknown
    Victim Organization: syria cards
    Victim Site: syria-cards.sy
  7. Alleged leak of login credentials to SMS4FREE
    Category: Data Breach
    Content: The group claims to have leaked login credentials to SMS4FREE.
    Date: 2026-02-08T22:11:21Z
    Network: telegram
    Published URL: https://t.me/c/1943303299/1062702
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/090ae6af-f5fa-4066-92dd-62da5bddd0ec.png
    Threat Actors: A K U L A v 2 . 2
    Victim Country: Israel
    Victim Industry: Information Technology (IT) Services
    Victim Organization: sms4free
    Victim Site: sms4free.co.il
  8. Alleged Sale of Government & Law Enforcement Email Accounts
    Category: Data Breach
    Content: Threat actor claims to be selling government and law enforcement email accounts from various organizations from multiple nations.
    Date: 2026-02-08T21:54:56Z
    Network: openweb
    Published URL: https://forum.exploit.biz/topic/275556/
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/04f2a73d-016e-4670-9faf-6c571a70fc68.png
    https://d34iuop8pidsy8.cloudfront.net/b6b935e1-f29d-480a-9abd-757f3d339671.png
    Threat Actors: Glixhmaster
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  9. Alleged data breach of Bile Suhe
    Category: Data Breach
    Content: The group claims to have leaked database of Bile Suhe. The exposed data reportedly consists of a large OpenCart database dump, including customer records, orders, addresses, emails, phone numbers, IP addresses, purchase histories and amounts, city and location data, user accounts, session data, coupons, vouchers and administrative tables.
    Date: 2026-02-08T21:53:19Z
    Network: telegram
    Published URL: https://t.me/perunswaroga/1164
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/c9b3b6fa-aa81-43f0-8b77-613b2bb6b9b8.jpg
    Threat Actors: Perun Svaroga
    Victim Country: Ukraine
    Victim Industry: Retail Industry
    Victim Organization: bile suhe
    Victim Site: bilesuhe.com.ua
  10. Alleged unauthorized access to car‑wash operations control interface in Poland
    Category: Initial Access
    Content: The group claims to have gained unauthorized access to an exposed industrial control system connected to ANNETTE in Poland. According to the post, the system is used to manage multi‑platform fully automatic contactless car‑wash equipment, enabling operators to start and stop individual platforms, monitor operational status, view external temperature, and track total operating hours. No evidence of data exfiltration, configuration changes, or broader network compromise was provided.
    Date: 2026-02-08T21:52:29Z
    Network: telegram
    Published URL: https://t.me/n2LP_wVf79c2YzM0/3621
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/aa9c1821-1218-48dd-b574-88c1cf50862a.png
    Threat Actors: Infrastructure Destruction Squad
    Victim Country: Poland
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  11. Alleged sale of 4.6M private leads from Japan
    Category: Data Breach
    Content: Threat actor claims to be selling 4.6 Million private leads from Japan. The compromised data reportedly contains civility, client name, phone, mobile, personal email, and country.
    Date: 2026-02-08T21:42:31Z
    Network: openweb
    Published URL: https://forum.exploit.biz/topic/275559/
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/c8e3e866-f904-43c4-930a-24dd01cfd4bf.png
    Threat Actors: betway
    Victim Country: Japan
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  12. Alleged leak of login credentials to EazyPay
    Category: Data Breach
    Content: The group claims to have leaked login credentials to EazyPay
    Date: 2026-02-08T21:32:19Z
    Network: telegram
    Published URL: https://t.me/c/1943303299/1061916
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/2776df77-3b5c-46dc-9a42-e239205967e6.png
    Threat Actors: A K U L A v 2 . 2
    Victim Country: Bahrain
    Victim Industry: Financial Services
    Victim Organization: eazy financial services b.s.c
    Victim Site: eazypay.com
  13. Alleged sale of DAEMON Engine AIO Checker and Gift Card Cracker Tool
    Category: Malware
    Content: A threat actor has released an multi-service checker and gift card cracking tool . The tool allegedly supports checking accounts across more than 20 online services including PayPal, Netflix, Spotify, Discord, and gaming platforms. It reportedly features mail access checking via IMAP/POP3/SMTP, CAPTCHA auto-solve, proxy rotation, geo-spoofing, and real-time statistics
    Date: 2026-02-08T21:25:43Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-AIO-Checker-Gift-Card-Cracker
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/a810d068-f0f4-4f57-a243-0da45f31e9bd.png
    https://d34iuop8pidsy8.cloudfront.net/26c9e6d3-6a6e-4cee-a486-5383fa626401.png
    Threat Actors: anonymousgyps
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  14. Alleged data breach of Al Akhawayn University (AUI)
    Category: Data Breach
    Content: A threat actor claims to have released a full database dump allegedly belonging to Al Akhawayn University (AUI).
    Date: 2026-02-08T21:12:26Z
    Network: openweb
    Published URL: https://darkforums.me/Thread-AUI-AL-AKHAWAYN-UNIVERSITY-FULL-db-DUMP
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/7daa5f91-bd5c-4bd4-b81c-367271207a31.png
    Threat Actors: anisanas2
    Victim Country: Morocco
    Victim Industry: Education
    Victim Organization: al akhawayn university (aui)
    Victim Site: aui.ma
  15. Alleged leak of login credentials to Umm Al-Qura University
    Category: Data Breach
    Content: The group claims to have leaked login credentials to Umm Al-Qura University
    Date: 2026-02-08T21:10:56Z
    Network: telegram
    Published URL: https://t.me/c/2451084701/544099
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/c7065e02-9007-43cd-8ab1-3f000dd7354c.png
    Threat Actors: Buscador
    Victim Country: Saudi Arabia
    Victim Industry: Education
    Victim Organization: umm al-qura university
    Victim Site: uqu.edu.sa
  16. Alleged data breach of Caleb and Brown
    Category: Data Breach
    Content: A threat actor claims to be sharing a database allegedly linked to Caleb and Brown, a cryptocurrency brokerage platform.the dataset includes sorted email records and associated user information.
    Date: 2026-02-08T20:58:21Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-Caleb-and-Brown-DB-Crypto-Brokerage
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/5c90b627-3801-4178-9130-db78b43626f2.png
    Threat Actors: kiura01
    Victim Country: Australia
    Victim Industry: Financial Services
    Victim Organization: caleb and brown
    Victim Site: calebandbrown.com
  17. Alleged leak of login credentials to Blendo
    Category: Data Breach
    Content: The group claims to have leaked login credentials to Blendo
    Date: 2026-02-08T20:40:29Z
    Network: telegram
    Published URL: https://t.me/c/1943303299/1062366
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/78afa2b9-734d-4fd7-9081-2a7609321459.png
    Threat Actors: A K U L A v 2 . 2
    Victim Country: Israel
    Victim Industry: E-commerce & Online Stores
    Victim Organization: blendo
    Victim Site: blendo.co.il
  18. Alleged sale of unauthorized access to unidentified Prestashop store from France
    Category: Initial Access
    Content: Threat actor claims to be selling unauthorized full administrative and phpmyadmin access to an unidentified online store from France.
    Date: 2026-02-08T20:35:42Z
    Network: openweb
    Published URL: https://forum.exploit.biz/topic/275550/
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/11fdf52c-7caf-459f-8154-204fc0d3daa5.png
    Threat Actors: bobby_killa
    Victim Country: France
    Victim Industry: E-commerce & Online Stores
    Victim Organization: Unknown
    Victim Site: Unknown
  19. Alleged data breach of ImmoPop
    Category: Data Breach
    Content: A threat actor claims to be selling a database allegedly obtained from French real estate agency ImmoPop. The actor states that approximately 28,000 customer records are included in the dataset. The exposed information is said to contain full names, email addresses, phone numbers, agency details, and user roles such as admin and vendor.
    Date: 2026-02-08T20:27:36Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-DATABASE-FR-Immo-pop-28k-Full-Names-Emails-Phones-Agencies-Roles-Admin-Vendeur
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/3e561066-6950-43e2-9f74-671b50e8d901.png
    Threat Actors: DumpSec
    Victim Country: France
    Victim Industry: Real Estate
    Victim Organization: immopop
    Victim Site: immopop.com
  20. Alleged unauthorized access to Poongsan Corporation
    Category: Initial Access
    Content: The group claims to have gained unauthorized access to the administrator PayPal account associated with Poongsan Corporation.
    Date: 2026-02-08T20:04:57Z
    Network: telegram
    Published URL: https://t.me/c/2875163062/575
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/5f426e3b-24ce-4ed6-93a3-ddfd1e66d6a7.png
    Threat Actors: RipperSec
    Victim Country: South Korea
    Victim Industry: Defense & Space
    Victim Organization: poongsan corporation
    Victim Site: poongsan.co.kr
  21. Alleged Data Leak of an Unidentified French Private Messaging Social Network
    Category: Data Breach
    Content: A threat actor claims to have leaked the complete database of a French private messaging social network. The exposed data allegedly includes private messages, user names, IP addresses, timestamps, and message metadata. A sample shared by the actor shows message contents and associated user information, with a download link provided for the full database.
    Date: 2026-02-08T19:56:34Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-DATABASE-French-private-message-sociale-networks
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/e9039b00-f33e-4dc9-9a28-b549ec8e3ed2.png
    Threat Actors: thomasvalmorin2828
    Victim Country: France
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  22. Alleged leak of login credentials to Idea Strategic Science Development Company
    Category: Data Breach
    Content: The group claims to have leaked login credentials to Idea Strategic Science Development Company
    Date: 2026-02-08T19:55:14Z
    Network: telegram
    Published URL: https://t.me/c/1943303299/1062311
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/4d638a48-05ab-4d60-a6dd-f1c556d64fcd.jpg
    Threat Actors: A K U L A v 2 . 2
    Victim Country: Iran
    Victim Industry: Education
    Victim Organization: idea strategic science development company
    Victim Site: ideaco.ir
  23. Alleged data breach of Rankfyt
    Category: Data Breach
    Content: A threat actor claims to have leaked a small database dump from rankfyt.com, a fitness competition management platform. The alleged leak reportedly contains participant information from around 27 events, including email addresses, full names, and in some cases phone numbers.
    Date: 2026-02-08T18:48:22Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-DATABASE-FR-rankfyt-com-FREE
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/f391c175-b347-4e21-a987-40b93eda5296.png
    Threat Actors: XxDarkHackerxX-sama
    Victim Country: France
    Victim Industry: Sports
    Victim Organization: rankfyt
    Victim Site: rankfyt.com
  24. Alleged leak of login credentials to SNIC Insurance
    Category: Data Breach
    Content: The group claims to have leaked login credentials to SNIC Insurance
    Date: 2026-02-08T18:45:46Z
    Network: telegram
    Published URL: https://t.me/c/1943303299/1062010
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/042657b3-8ab3-40e5-a9cc-42ca1cd87c91.jpg
    Threat Actors: A K U L A v 2 . 2
    Victim Country: Bahrain
    Victim Industry: Banking & Mortgage
    Victim Organization: snic insurance
    Victim Site: snic.com.bh
  25. Alleged sale of unauthorized access to unidentified organization from Taiwan
    Category: Initial Access
    Content: Threat actor claims to be selling unauthorized domain admin access to an unidentified manufacturing company based in Taiwan.
    Date: 2026-02-08T18:41:43Z
    Network: openweb
    Published URL: https://forum.exploit.biz/topic/275541/
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/41bbe88b-2f71-4abd-8cbc-c10b5476a85a.png
    Threat Actors: Big-Bro
    Victim Country: Taiwan
    Victim Industry: Manufacturing
    Victim Organization: Unknown
    Victim Site: Unknown
  26. Alleged sale of lookup tool
    Category: Malware
    Content: The threat actor claims to be sharing a locally developed lookup tool written in Python. The tool is allegedly designed for searching.
    Date: 2026-02-08T18:05:07Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-lookup-tool
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/4a079756-c914-4d90-8601-f45aec724a08.png
    Threat Actors: sux1337
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  27. Alleged sale of unauthorized access to unidentified organization from Indonesia
    Category: Initial Access
    Content: Threat actor claims to be selling unauthorized domain admin access to an unidentified Hospitality organization from Indonesia.
    Date: 2026-02-08T17:57:53Z
    Network: openweb
    Published URL: https://forum.exploit.biz/topic/275530/
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/3e423c99-3fe7-46e7-836a-86c8b28e6b98.png
    Threat Actors: Big-Bro
    Victim Country: Indonesia
    Victim Industry: Hospitality & Tourism
    Victim Organization: Unknown
    Victim Site: Unknown
  28. Alleged data leak of Armenian Citizens ID Cards
    Category: Data Breach
    Content: A threat actor claims to be selling a dataset containing approximately 3,500 Armenian national ID card images. The leaked files allegedly include scanned identification cards and personal identity information of Armenian citizens.
    Date: 2026-02-08T17:55:04Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-ARMENIAN-people-ID-CARDs-3500x
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/72abe69e-3ad4-43bc-b5f3-60ac409a3966.png
    Threat Actors: 641a3
    Victim Country: Armenia
    Victim Industry: Government & Public Sector
    Victim Organization: Unknown
    Victim Site: Unknown
  29. Alleged sale of unauthorized access to unidentified organization from Indonesia
    Category: Initial Access
    Content: Threat actor claims to be selling unauthorized domain admin access to an unidentified finance retail industry organization from Indonesia.
    Date: 2026-02-08T17:44:09Z
    Network: openweb
    Published URL: https://forum.exploit.biz/topic/275529/
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/d1378514-0d1f-449d-ae26-c925af4b5531.png
    Threat Actors: Big-Bro
    Victim Country: Indonesia
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  30. Alleged unauthorized access to a building automation and engineering systems at the Italian municipality of Aymavilles
    Category: Initial Access
    Content: The group claims to have gained claims to have gained unauthorized access to building automation and engineering systems at the former Hotel Suisse in Aymavilles, Italy, allegedly compromising HVAC and domestic hot water controls. According to the statement, the access reportedly enables control of valves and pumps, switching between automatic and manual modes, monitoring temperatures across multiple zones and rooms, viewing fuel levels, modifying system and network settings, and changing HMI interface identifiers
    Date: 2026-02-08T17:26:48Z
    Network: telegram
    Published URL: https://t.me/c/2787466017/2135
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/df5c3c80-8ee3-4200-b3e3-424310e303d4.jpg
    Threat Actors: NoName057(16)
    Victim Country: Italy
    Victim Industry: Government Administration
    Victim Organization: municipality of aymavilles.
    Victim Site: Unknown
  31. Alleged data breach of Pôle emploi
    Category: Data Breach
    Content: The threat actor claims to be selling/leaking a database allegedly from Pôle emploi containing around 10M records. The exposed data reportedly includes personal information such as employee identifiers, full names, national ID numbers (NIR), agency details, location information, and other internal employment-related records in JSON format.
    Date: 2026-02-08T16:32:20Z
    Network: openweb
    Published URL: https://darkforums.me/Thread-PoleEmploi-10M
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/84b4eafd-bcac-4a31-921b-189fb671dbf0.png
    Threat Actors: Kirigaya
    Victim Country: France
    Victim Industry: Government & Public Sector
    Victim Organization: poleemploi
    Victim Site: pole-emploi.fr
  32. Alleged data breach of A2IT
    Category: Data Breach
    Content: The threat actor claims to have leaked an SQL database associated with a2it.com.br. The database is reportedly around 20.5 MB in size and contains approximately 124,925 records. The exposed data allegedly includes customer IDs, company names, email addresses, phone numbers, account credentials, addresses, and other customer management or service-related information.
    Date: 2026-02-08T16:23:36Z
    Network: openweb
    Published URL: https://darkforums.me/Thread-a2it-com-br
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/fe1ddd71-b0aa-4ec5-9d27-8bc5a7996e3e.png
    Threat Actors: Kirigaya
    Victim Country: Brazil
    Victim Industry: Information Technology (IT) Services
    Victim Organization: a2it
    Victim Site: a2it.com.br
  33. Alleged data breach of Cigarette Electronique Toulouse
    Category: Data Breach
    Content: The threat actor claims to have leaked a database allegedly related to a Toulouse-based electronic cigarette retailer in France. The shared file is reportedly in JSON format (2.12 MB) and may contain customer or business-related information associated with the e-cigarette store. The authenticity of the data has not been verified.
    Date: 2026-02-08T16:19:33Z
    Network: openweb
    Published URL: https://darkforums.me/Thread-France-cigarette-electronique-toulouse
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/078d6507-6a21-48d6-bcfb-5355a6214f87.png
    Threat Actors: Kirigaya
    Victim Country: France
    Victim Industry: E-commerce & Online Stores
    Victim Organization: cigarette electronique toulouse
    Victim Site: cigarette-electronique-toulouse
  34. Alleged data breach of Elena
    Category: Data Breach
    Content: A threat actor has allegedly leaked an SQL database linked to the website elena.kr.ua. The dump is advertised as approximately 7.2 MB in size and reportedly contains around 36,828 records. The exposed data likely includes user or site-related database information and is being shared via a public file link.
    Date: 2026-02-08T16:10:18Z
    Network: openweb
    Published URL: https://darkforums.me/Thread-elena-kr-ua
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/23d0f3b5-c842-42af-b170-f3cb1fee1952.png
    Threat Actors: Kirigaya
    Victim Country: Ukraine
    Victim Industry: E-commerce & Online Stores
    Victim Organization: elena
    Victim Site: elena.kr.ua
  35. Alleged data breach of OCMSBD (Online Color Management System Bangladesh)
    Category: Data Breach
    Content: The threat actor claims to have leaked an SQL database associated with ocmsbd.com. The database is reportedly around 424 MB in size and contains approximately 579,434 records. The exposed data allegedly includes client details, contact information, job and order records, test reports, invoices, payment details, and internal operational information related to laboratory and textile testing services.
    Date: 2026-02-08T15:57:23Z
    Network: openweb
    Published URL: https://darkforums.me/Thread-ocmsbd-com
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/cfc30c6c-473f-4f9d-bc91-b5985bca8b93.png
    Threat Actors: Kirigaya
    Victim Country: Bangladesh
    Victim Industry: Textiles
    Victim Organization: ocmsbd (online color management system bangladesh)
    Victim Site: ocmsbd.com
  36. Alleged Data Leak of an Unidentified Indian Education Database
    Category: Data Breach
    Content: The threat actor claims to have leaked a database from India containing student and academic records. The exposed data allegedly includes student names, roll numbers, parents’ names, dates of birth, gender, religion, contact details, school information, academic marks, payment details, and other personally identifiable information related to educational records.
    Date: 2026-02-08T15:41:32Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-DATABASE-DATABASE-COUNTRY-INDIA
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/52fd40ab-d489-445b-ba13-9527f7a6447d.png
    https://d34iuop8pidsy8.cloudfront.net/58d4de3d-c2c7-403c-99af-0f4ff209d2e9.png
    Threat Actors: Jax7
    Victim Country: India
    Victim Industry: Education
    Victim Organization: Unknown
    Victim Site: Unknown
  37. BABAYO EROR SYSTEM targets the website of Al Hareb Marine
    Category: Defacement
    Content: The group claims to have defaced the website of Al Hareb Marine.
    Date: 2026-02-08T15:31:11Z
    Network: telegram
    Published URL: https://t.me/c/3664625363/195
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/68b73ce2-0482-415a-a3bb-7fd25764c29c.png
    Threat Actors: BABAYO EROR SYSTEM
    Victim Country: UAE
    Victim Industry: Maritime
    Victim Organization: al hareb marine
    Victim Site: alharebmarine.com
  38. Alleged data leak of infotech
    Category: Data Breach
    Content: The Group claims to have leaked data from infotech.
    Date: 2026-02-08T15:25:07Z
    Network: telegram
    Published URL: https://t.me/c/1943303299/1061487
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/a068e212-c0a2-4934-aadf-23bf2d5f6d43.png
    Threat Actors: 4y29836
    Victim Country: USA
    Victim Industry: Information Technology (IT) Services
    Victim Organization: infotech
    Victim Site: infotech.com
  39. Alleged Data Leak of Indonesian 2025 Social Assistance Beneficiary Database
    Category: Data Breach
    Content: The threat actor claims to have leaked a database containing the names, addresses, and allocation details of social assistance (bansos) recipients for the 2025 fiscal year in Indonesia. The exposed data allegedly includes beneficiary personal information and distribution records related to government welfare programs.
    Date: 2026-02-08T15:21:00Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-DATABASE-daftar-nama-penerima-alamat-dan-alokasi-bansos-tahun-anggaran-2025
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/859a19a5-5e22-4efc-857c-6e2d2ee1c9fc.png
    Threat Actors: 1LH4MZXSEC
    Victim Country: Indonesia
    Victim Industry: Government & Public Sector
    Victim Organization: Unknown
    Victim Site: Unknown
  40. Alleged data breach of Joy
    Category: Data Breach
    Content: The threat actor claims to have breached 11,711 rows of SQL data from Joy.
    Date: 2026-02-08T15:04:11Z
    Network: openweb
    Published URL: https://darkforums.me/Thread-thejoyapp-com
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/1b96f7ab-5cea-4619-994b-32d7af5467f9.png
    Threat Actors: Kirigaya
    Victim Country: UK
    Victim Industry: Information Technology (IT) Services
    Victim Organization: joy
    Victim Site: thejoyapp.com
  41. Alleged Unauthorized Access to a System in Brazil
    Category: Initial Access
    Content: The group claims to have accessed a system located in the Brazil.
    Date: 2026-02-08T14:49:37Z
    Network: telegram
    Published URL: https://t.me/n2LP_wVf79c2YzM0/3616
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/abda106a-3886-4a9d-9e25-3fdfa4897bbd.png
    Threat Actors: Infrastructure Destruction Squad
    Victim Country: Brazil
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  42. Alleged Unauthorized Access to a Research-Oriented Control and Monitoring System in USA
    Category: Initial Access
    Content: The group claims to have accessed a system located in the United States associated with a technologically advanced environment, potentially linked to research or specialized operations.
    Date: 2026-02-08T14:48:34Z
    Network: telegram
    Published URL: https://t.me/n2LP_wVf79c2YzM0/3618
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/c2328c36-4e34-4d06-a174-5b8d305798e4.png
    Threat Actors: Infrastructure Destruction Squad
    Victim Country: USA
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  43. Alleged data leak of Fossil Group, Inc.
    Category: Data Breach
    Content: The group claims to have leaked the data from Fossil Group, Inc.
    Date: 2026-02-08T14:37:51Z
    Network: telegram
    Published URL: https://t.me/c/1943303299/1061644
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/f42fe784-ac75-4354-a76e-7f745f5a2496.jpg
    Threat Actors: A K U L A v 2 . 2
    Victim Country: USA
    Victim Industry: E-commerce & Online Stores
    Victim Organization: fossil group, inc.
    Victim Site: fossil.com
  44. Alleged Sale of Unauthorized RDP Access to an Private Clinics in Saudi Arabia
    Category: Initial Access
    Content: The threat actor claims to be selling unauthorized RDP and shell access to private clinics in Saudi Arabia.
    Date: 2026-02-08T14:24:32Z
    Network: openweb
    Published URL: https://forum.exploit.in/topic/275525/
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/bef706c5-8fc1-419d-b0ad-030ae7e20977.png
    Threat Actors: Saturned33
    Victim Country: Saudi Arabia
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  45. BABAYO EROR SYSTEM targets the website of MIB consultants
    Category: Defacement
    Content: The Group claims to have defaced the website of MIB consultants.
    Date: 2026-02-08T14:18:04Z
    Network: telegram
    Published URL: https://t.me/c/3664625363/195
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/7de6159f-bcfa-4b52-90af-5fc644b5eaf3.png
    Threat Actors: BABAYO EROR SYSTEM
    Victim Country: India
    Victim Industry: Human Resources
    Victim Organization: mib consultants
    Victim Site: mibconsultants.com
  46. Alleged leak of login credentials to First Finance
    Category: Data Breach
    Content: The group claims to have leaked login credentials to First Finance
    Date: 2026-02-08T14:12:42Z
    Network: telegram
    Published URL: https://t.me/c/1943303299/1061635
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/cd7223d8-95ed-48b9-b1ef-fc862a8f5b8f.png
    Threat Actors: A K U L A v 2 . 2
    Victim Country: Iraq
    Victim Industry: Financial Services
    Victim Organization: first finance
    Victim Site: ffc.iq
  47. Alleged data breach of Kurdistan Bar Association
    Category: Data Breach
    Content: The group claims to have breached 19675 rows of data from Kurdistan Bar Association, allegedly including id,lq_id,bar_id,class_id,email_id and more.
    Date: 2026-02-08T13:58:25Z
    Network: telegram
    Published URL: https://t.me/c/2705921599/180
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/6ae4780a-519f-4c58-b564-f84f5a29dd5d.JPG
    Threat Actors: Sy-Root
    Victim Country: Iraq
    Victim Industry: Law Practice & Law Firms
    Victim Organization: kurdistan bar association
    Victim Site: kba.krd
  48. maulnism1337 targets the website of ELECT UPS
    Category: Defacement
    Content: The group claims to have defaced the website of ELECT UPS
    Date: 2026-02-08T13:40:32Z
    Network: telegram
    Published URL: https://t.me/maul1337anon/806
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/9e2e0cc4-d691-4f58-986d-b92dd4c01adf.png
    Threat Actors: maulnism1337
    Victim Country: Unknown
    Victim Industry: Electrical & Electronic Manufacturing
    Victim Organization: elect ups
    Victim Site: electups.com
  49. Alleged leak of Indian service database
    Category: Data Breach
    Content: The group claims to have leaked more than 1,000 records from an Indian service.
    Date: 2026-02-08T13:34:15Z
    Network: telegram
    Published URL: https://t.me/maul1337anon/807
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/3aa62181-90dc-4b18-9046-c46d2cc7a31b.png
    Threat Actors: maulnism1337
    Victim Country: India
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  50. maulnism1337 targets the website of WaytoServices
    Category: Defacement
    Content: The group claims to have defaced the website of WaytoServices
    Date: 2026-02-08T13:28:06Z
    Network: telegram
    Published URL: https://t.me/maul1337anon/806
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/ccfb21e9-4947-4c80-be85-eb8a6503a801.JPG
    Threat Actors: maulnism1337
    Victim Country: India
    Victim Industry: Professional Services
    Victim Organization: waytoservices
    Victim Site: waytoservices.in
  51. UNDERGROUND-NET targets the website of mediakuliah.com
    Category: Defacement
    Content: Group claims to have defaced the website of Mediakuliah.mirror url : https://haxor.id/archive/mirror/243594
    Date: 2026-02-08T13:18:40Z
    Network: telegram
    Published URL: https://t.me/c/2195292966/1273
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/e33ac4f4-d88c-468e-9f63-fd04a861e2cc.png
    Threat Actors: UNDERGROUND-NET
    Victim Country: Indonesia
    Victim Industry: Education
    Victim Organization: mediakuliah.com
    Victim Site: mediakuliah.com
  52. Alleged data breach of Instagram
    Category: Data Breach
    Content: The threat actor claims to have breached the credentials of 500 Instagram users, allegedly containing usernames and passwords.
    Date: 2026-02-08T13:00:45Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-URL-LOGIN-PASS-500-ACCOUNT-INSTAGRAM
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/cafabc91-7f00-44dc-a619-cf4ffec7bc02.png
    https://d34iuop8pidsy8.cloudfront.net/caf11002-b045-4f7f-99e3-20c07717fc62.png
    https://d34iuop8pidsy8.cloudfront.net/27eb1339-fd17-4b6a-b05e-581f3b91ae5b.png
    https://d34iuop8pidsy8.cloudfront.net/7ed42ef0-4f0f-4027-8589-ec0418e6f328.png
    https://d34iuop8pidsy8.cloudfront.net/dee44e71-92ad-456f-9ecf-514c089acb92.png
    Threat Actors: Jax7
    Victim Country: USA
    Victim Industry: Social Media & Online Social Networking
    Victim Organization: instagram
    Victim Site: instagram.com
  53. Alleged leak of login credentials to d4t.ir
    Category: Data Breach
    Content: The group claims to have leaked login credentials to d4t.ir.
    Date: 2026-02-08T12:58:32Z
    Network: telegram
    Published URL: https://t.me/c/1943303299/1061479
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/d5d80cdf-307d-4165-8caf-ad7014c70300.png
    Threat Actors: A K U L A v 2 . 2
    Victim Country: Israel
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: d4t.ir
  54. Alleged leak of login credentials to sepah.ir
    Category: Data Breach
    Content: The group claims to have leaked login credentials to sepah.ir.
    Date: 2026-02-08T12:58:28Z
    Network: telegram
    Published URL: https://t.me/c/1943303299/1061505
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/caff96c2-79ab-459e-8651-b53fd6eba22d.png
    Threat Actors: A K U L A v 2 . 2
    Victim Country: Israel
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: sepah.ir
  55. Alleged leak of login credentials to Arab National Bank
    Category: Data Breach
    Content: The group claims to have leaked login credentials to Arab National Bank
    Date: 2026-02-08T12:27:46Z
    Network: telegram
    Published URL: https://t.me/c/1943303299/1061463
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/6ba47772-317c-471c-87f2-67a677d51564.png
    Threat Actors: A K U L A v 2 . 2
    Victim Country: Saudi Arabia
    Victim Industry: Financial Services
    Victim Organization: arab national bank
    Victim Site: anb.com.sa
  56. Alleged data leak of Mediation Case Law
    Category: Data Breach
    Content: The threat actor claims to have leaked the Mediation Case Law Dataset. The leaked data is from 1999–2005, allegedly including 450 court decisions.
    Date: 2026-02-08T12:27:28Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-DATABASE-1999%E2%80%932005-Mediation-Case-Law-Dataset
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/cc1ba198-3733-4a02-be4b-2d0a0c679dd1.JPG
    Threat Actors: XZeeoneOfc
    Victim Country: USA
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  57. UNDERGROUND-NET targets the website of Mediakomen
    Category: Defacement
    Content: The Group claims to have defaced the website of Mediakomen.mirror url : https://haxor.id/archive/mirror/243592
    Date: 2026-02-08T11:14:19Z
    Network: telegram
    Published URL: https://t.me/c/2195292966/1272
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/95eb0906-dcc3-423d-99f0-b1aa7ff26925.png
    Threat Actors: UNDERGROUND-NET
    Victim Country: Indonesia
    Victim Industry: Social Media & Online Social Networking
    Victim Organization: mediakomen
    Victim Site: mediakomen.com
  58. Alleged leak of login credentials to Arab East Collages
    Category: Initial Access
    Content: The group claims to have leaked login credentials to Arab East Collages
    Date: 2026-02-08T11:09:53Z
    Network: telegram
    Published URL: https://t.me/c/1943303299/1061430
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/c8764eb3-20f7-4bb8-a6c6-c81f67159362.png
    Threat Actors: A K U L A v 2 . 2
    Victim Country: Saudi Arabia
    Victim Industry: Education
    Victim Organization: arab east collages
    Victim Site: arabeast.edu.sa
  59. Alleged leak of login credentials to Arab Open University
    Category: Initial Access
    Content: The group claims to have leaked login credentials to Arab Open University
    Date: 2026-02-08T10:58:08Z
    Network: telegram
    Published URL: https://t.me/c/1943303299/1061413
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/c660c3e1-1788-4f84-9620-ab89c5af6540.png
    Threat Actors: A K U L A v 2 . 2
    Victim Country: Saudi Arabia
    Victim Industry: Higher Education/Acadamia
    Victim Organization: arab open university
    Victim Site: arabou.edu.sa
  60. Alleged data leak of University of California
    Category: Data Breach
    Content: The group claims to have leaked data from University of California.
    Date: 2026-02-08T10:43:25Z
    Network: telegram
    Published URL: https://t.me/Lun4risSec/8
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/22bc9a41-adb4-441f-bfb5-b2cc8cfd6772.png
    Threat Actors: LunarisSec
    Victim Country: USA
    Victim Industry: Higher Education/Acadamia
    Victim Organization: university of california
    Victim Site: universityofcalifornia.edu
  61. Alleged leak of login credentials to Soroush Plus
    Category: Data Breach
    Content: The group claims to have leaked login credentials to Soroush Plus
    Date: 2026-02-08T10:01:45Z
    Network: telegram
    Published URL: https://t.me/c/1943303299/1061373
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/1464e771-554f-4bb1-81d7-930556883dcd.png
    Threat Actors: A K U L A v 2 . 2
    Victim Country: Iran
    Victim Industry: Social Media & Online Social Networking
    Victim Organization: soroush plus
    Victim Site: splus.ir
  62. Alleged leak of login credentials to Abu Dhabi Islamic Bank
    Category: Data Breach
    Content: The group claims to have leaked login credentials to Abu Dhabi Islamic Bank.
    Date: 2026-02-08T09:55:39Z
    Network: telegram
    Published URL: https://t.me/c/1943303299/1061310
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/2346f800-0551-40da-9e40-150f3f6d0e76.png
    Threat Actors: A K U L A v 2 . 2
    Victim Country: UAE
    Victim Industry: Banking & Mortgage
    Victim Organization: abu dhabi islamic bank
    Victim Site: adib.ae
  63. DEATH SLASH CYBER SECURITY targets the website of pasarsocial.com
    Category: Defacement
    Content: The group claims to have defaced the website of pasarsocial.com
    Date: 2026-02-08T09:55:25Z
    Network: telegram
    Published URL: https://t.me/c/2420683545/1446
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/2a9b2aa1-9793-4706-81b5-26f2d6462842.JPG
    https://d34iuop8pidsy8.cloudfront.net/279f4a50-c695-4029-ab7f-db792560f7a0.JPG
    Threat Actors: DEATH SLASH CYBER SECURITY
    Victim Country: Indonesia
    Victim Industry: Online Publishing
    Victim Organization: pasarsocial.com
    Victim Site: pasarsosial.com
  64. Alleged leak of credit card records (CCV data)
    Category: Data Breach
    Content: The threat actor claims to be offering a massive database dump allegedly containing 80 million credit card records (CCV data), with card details reportedly valid until 2039
    Date: 2026-02-08T09:33:45Z
    Network: openweb
    Published URL: https://darkforums.me/Thread-DATABASE-80M-dump-ccv-Download
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/fcd9f795-180c-420a-89e8-89d627a2a76c.png
    Threat Actors: Fox_con
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  65. Alleged leak of login credentials to TLC-GROUP
    Category: Data Breach
    Content: The group claims to have leaked login credentials to TLC-GROUP.
    Date: 2026-02-08T09:33:28Z
    Network: telegram
    Published URL: https://t.me/c/1943303299/1061340
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/805eef69-b4d2-4067-be4d-9875881e32a6.png
    Threat Actors: A K U L A v 2 . 2
    Victim Country: Israel
    Victim Industry: Network & Telecommunications
    Victim Organization: tlc-group
    Victim Site: tlcgroup.co.il
  66. TEAM MR PLAX targets the website of Datalogics India Private Limited
    Category: Defacement
    Content: The Group claims to have defaced the website of Datalogics India Private Limited
    Date: 2026-02-08T09:28:00Z
    Network: telegram
    Published URL: https://t.me/mrplaxx/165
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/0d7d9833-cc74-4864-8f97-6d900a7e1634.png
    Threat Actors: TEAM MR PLAX
    Victim Country: India
    Victim Industry: Information Technology (IT) Services
    Victim Organization: datalogics india private limited
    Victim Site: shop.datalogics.in
  67. Alleged data breach of Government of Quintana Roo students records
    Category: Data Breach
    Content: The threat actor claims to have breached 28,332 student records from the Government of Quintana Roo, allegedly containing names, email addresses, gender, age, and more.
    Date: 2026-02-08T08:56:10Z
    Network: openweb
    Published URL: https://darkforums.me/Thread-DATABASE-ESTUDIANTES-DEL-ESTADO-DE-QUINTANA-ROO
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/32e47ea6-9b97-4c2c-a173-36a3ca066b55.png
    Threat Actors: Rich157
    Victim Country: Mexico
    Victim Industry: Government Administration
    Victim Organization: government of quintana roo
    Victim Site: qroo.gob.mx
  68. Alleged sale of unauthorized access to Lenovo Asia Regions Logistics
    Category: Initial Access
    Content: The threat actor claims to have gained unauthorized admin access to Lenovo Asia Regions Logistics, exploiting vulnerabilities to compromise all accounts and allegedly exfiltrate all available data using a UNION-based technique.
    Date: 2026-02-08T08:47:26Z
    Network: openweb
    Published URL: https://darkforums.me/Thread-Lenovo-Asia-Regions-Logistics
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/e3cf119d-8775-4ff3-a412-0a05f60df0af.png
    Threat Actors: Sanguine
    Victim Country: USA
    Victim Industry: Information Technology (IT) Services
    Victim Organization: lenovo
    Victim Site: lenovo.com
  69. TEAM MR PLAX targets the website of Airtalk Wireless
    Category: Defacement
    Content: The Group claims to have defaced the website of Airtalk Wireless.
    Date: 2026-02-08T08:45:35Z
    Network: telegram
    Published URL: https://t.me/mrplaxx/164
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/37994478-cdcf-4a90-b990-0bca7dd4ea7b.png
    Threat Actors: TEAM MR PLAX
    Victim Country: USA
    Victim Industry: Network & Telecommunications
    Victim Organization: airtalk wireless
    Victim Site: airtalkwireless.com
  70. Alleged sale of unauthorized access to a private AI business communications infrastructure platform
    Category: Initial Access
    Content: The threat actor claims to be selling unauthorized access to a private AI business communications infrastructure platform. The alleged access involves a Linux-based firewall system with root-level remote code execution (RCE), shell access, and administrative control over the network management panel.
    Date: 2026-02-08T08:31:38Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-300-Private-AI-Business-Communications-Infrastructure-Platform
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/b8f4b20b-4895-4012-9f10-90b94ca6df1b.png
    Threat Actors: miyako
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  71. Alleged sale of unauthorized access to a European private file hosting infrastructure
    Category: Initial Access
    Content: The threat actor claims to be selling unauthorized access to a European private file hosting infrastructure. The alleged access involves a Linux-based firewall system with root-level remote code execution (RCE), shell access, and administrative control over the network management panel.
    Date: 2026-02-08T08:08:12Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-300-European-Private-File-Host-Full-Control
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/62a3b997-9382-4fd0-b1a4-6d24b8a7ce88.png
    Threat Actors: miyako
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  72. Alleged Unauthorized Access to an HVAC Climate Control System in Italy
    Category: Initial Access
    Content: The group claims to have accessed an HVAC climate control system in Italy, reportedly allowing unauthorized modification of temperature, humidity, fan, and valve settings.
    Date: 2026-02-08T07:57:53Z
    Network: telegram
    Published URL: https://t.me/zpentestalliance/1055
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/c7f5c50c-93ce-4690-9b57-7e8f1106c412.png
    https://d34iuop8pidsy8.cloudfront.net/bc7792c8-8b8f-4322-b84d-6872fe2d54bb.png
    Threat Actors: Z-PENTEST ALLIANCE
    Victim Country: Italy
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  73. Alleged data leak of the realization or allocation of financial funds in West Java, Indonesia.
    Category: Data Breach
    Content: The threat actor claims to have leaked a database allegedly containing information related to the realization or allocation of financial funds for the year 2025 in West Java, Indonesia.
    Date: 2026-02-08T07:55:21Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-DATABASE-Informasi-realisasi-atau-penyerapan-penggunaan-keuangan-Tahun-2025-JAWA-BARAT
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/eb47abc6-3d44-4e5b-92c8-011a635ce169.png
    Threat Actors: 1LH4MZXSEC
    Victim Country: Indonesia
    Victim Industry: Unknown
    Victim Organization: Unknown
    Victim Site: Unknown
  74. Alleged sale of U.S. insurance broker’s data
    Category: Data Breach
    Content: The threat actor claims to be selling 46.4k records of U.S. insurance brokers, allegedly containing IDs, company names, contact IDs, passwords, and more.
    Date: 2026-02-08T07:47:46Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-SELLING-USA-Insurance-Broker-Database-46-4k
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/f8c341ea-4c18-49d1-b39c-ee7493288d74.png
    https://d34iuop8pidsy8.cloudfront.net/b03d046b-8186-4b80-854d-0fc95e8e075a.png
    https://d34iuop8pidsy8.cloudfront.net/2aa6504a-f698-479a-93e9-e3ad4bf825ab.png
    Threat Actors: p0ppin
    Victim Country: USA
    Victim Industry: Insurance
    Victim Organization: Unknown
    Victim Site: Unknown
  75. Alleged Data Breach of JDHI Surabaya
    Category: Data Breach
    Content: The threat actor claims to be leaked data from JDHI Surabaya. The compromised data reportedly includes Credentials, contacts, email, access token, financial, user info
    Date: 2026-02-08T06:27:42Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-DOCUMENTS-Full-database-jdih-Surabaya-leaked-free-download
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/54fb7f52-f2d9-4544-adf2-f2bf492b7237.png
    Threat Actors: hamzahcorp
    Victim Country: Indonesia
    Victim Industry: Government Administration
    Victim Organization: jdhi surabaya
    Victim Site: jdih.surabaya.go.id
  76. Global Error System targets the website of MIN 12 Banjar
    Category: Defacement
    Content: The group claims to have defaced the website of MIN 12 Banjar
    Date: 2026-02-08T06:02:59Z
    Network: openweb
    Published URL: https://defacer.id/mirror/id/237645
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/569d5d1d-0fc4-4e1f-b9ed-5031ebeb856e.png
    Threat Actors: Global Error System
    Victim Country: Indonesia
    Victim Industry: Education
    Victim Organization: min 12 banjar
    Victim Site: min12banjar.stoedioportal.com
  77. Global Error System targets the website of TravelTour
    Category: Defacement
    Content: The group claims to have defaced the website of TravelTour
    Date: 2026-02-08T05:49:50Z
    Network: openweb
    Published URL: https://defacer.id/mirror/id/237652
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/d75528a6-d630-4176-84a9-f0f767f61c8d.png
    Threat Actors: Global Error System
    Victim Country: Indonesia
    Victim Industry: Leisure & Travel
    Victim Organization: traveltour
    Victim Site: traveltour.stoedioportal.com
  78. Global Error System targets the website of BeritaPosPublikNews
    Category: Defacement
    Content: The group claims to have defaced the website of BeritaPosPublikNews
    Date: 2026-02-08T05:44:59Z
    Network: openweb
    Published URL: https://defacer.id/mirror/id/237646
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/e3dc8af4-74f4-4090-a197-c2f9a6aa2303.png
    Threat Actors: Global Error System
    Victim Country: Indonesia
    Victim Industry: Media Production
    Victim Organization: beritapospubliknews
    Victim Site: beritapospubliknews.stoedioportal.com
  79. Global Error System targets the website of InfoDaerahOnline
    Category: Defacement
    Content: The group claims to have defaced the website of InfoDaerahOnline
    Date: 2026-02-08T05:44:15Z
    Network: openweb
    Published URL: https://defacer.id/mirror/id/237650
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/af120fc6-4d5f-4ac6-b653-ee4f1116f901.png
    Threat Actors: Global Error System
    Victim Country: Indonesia
    Victim Industry: Media Production
    Victim Organization: infodaerahonline
    Victim Site: infodaerahonline.stoedioportal.com
  80. Global Error System targets the website of NusantaraNews
    Category: Defacement
    Content: The group claims to have defaced the website of NusantaraNews
    Date: 2026-02-08T05:37:21Z
    Network: openweb
    Published URL: https://defacer.id/mirror/id/237648
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/8b4d8ba9-c5c1-45e1-82cb-dd48e234f2a1.png
    Threat Actors: Global Error System
    Victim Country: Indonesia
    Victim Industry: Media Production
    Victim Organization: nusantaranews
    Victim Site: nusantaranews.stoedioportal.com
  81. Global Error System targets the website of Opinikebangsaan
    Category: Defacement
    Content: The group claims to have defaced the website of Opinikebangsaan
    Date: 2026-02-08T05:30:18Z
    Network: openweb
    Published URL: https://defacer.id/mirror/id/237651
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/659e5033-70e9-44a1-be32-2870ace6bc5a.png
    Threat Actors: Global Error System
    Victim Country: Indonesia
    Victim Industry: Unknown
    Victim Organization: opinikebangsaan
    Victim Site: opinikebangsaan.stoedioportal.com
  82. Global Error System targets the website of KenshinApp
    Category: Defacement
    Content: The group claims to have defaced the website of KenshinApp
    Date: 2026-02-08T05:25:11Z
    Network: openweb
    Published URL: https://defacer.id/mirror/id/237653
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/57b0c155-90ca-47f2-9f84-d307a119045e.png
    Threat Actors: Global Error System
    Victim Country: Indonesia
    Victim Industry: Unknown
    Victim Organization: kenshinapp
    Victim Site: kenshinapp.my.id
  83. Alleged Sale of unauthorized admin access to unidentified shop in Peru
    Category: Initial Access
    Content: Threat actor claims to be selling unauthorized admin access to an unidentified online shop in Peru
    Date: 2026-02-08T03:49:37Z
    Network: openweb
    Published URL: https://forum.exploit.biz/topic/275509/
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/8f7409de-bfe0-4dc3-9e60-3f19170e2b46.png
    Threat Actors: Reve
    Victim Country: Peru
    Victim Industry: E-commerce & Online Stores
    Victim Organization: Unknown
    Victim Site: Unknown
  84. Alleged Data Leak of Nist Grup
    Category: Data Breach
    Content: The threat actor claims to have leaked the data of Nist Grup, the dataset contains material includes internal corporate documents and employee-related records stored across multiple file formats.
    Date: 2026-02-08T03:48:52Z
    Network: openweb
    Published URL: https://darkforums.me/Thread-Document-Nist-Grup-Data-Breach
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/ee0b1c40-4ec0-4cca-bd98-85dae1cda13e.png
    Threat Actors: KaruHunters
    Victim Country: Unknown
    Victim Industry: Unknown
    Victim Organization: nist grup
    Victim Site: Unknown
  85. Alleged Data Breach of Banco Plaza
    Category: Data Breach
    Content: The threat actor claims to breached the data of Banco Plaza, the dataset contains internal-use banking documents related to customer identification and account opening procedures.
    Date: 2026-02-08T03:37:43Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-Banco-Plaza-Weakness-in-their-security-VENEZUELA
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/2fe0c6e9-f668-46af-9c9e-bf5a713d1b1c.png
    Threat Actors: Omoikane
    Victim Country: Venezuela
    Victim Industry: Banking & Mortgage
    Victim Organization: banco plaza, c.a.
    Victim Site: bancoplaza.com
  86. Alleged data breach of PUNONG CO.LTD
    Category: Data Breach
    Content: The group claims to have breached data of PUNONG CO.LTD
    Date: 2026-02-08T03:36:37Z
    Network: telegram
    Published URL: https://t.me/c/2875163062/565
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/d6f13b6f-1f83-47c2-8019-1771819b7463.png
    https://d34iuop8pidsy8.cloudfront.net/be54313a-62cc-4a63-a95f-5852b8b2e54e.png
    Threat Actors: RipperSec
    Victim Country: South Korea
    Victim Industry: Chemical Manufacturing
    Victim Organization: punong co.ltd
    Victim Site: punong.co.kr
  87. Alleged leak of login credentials to Call2all
    Category: Data Breach
    Content: The group claims to have leaked the login credentials to Call2all
    Date: 2026-02-08T03:12:36Z
    Network: telegram
    Published URL: https://t.me/c/1943303299/1060988
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/8735a939-d95c-43f8-b3f4-a109de3b7339.png
    Threat Actors: A K U L A v 2 . 2
    Victim Country: Israel
    Victim Industry: Non-profit & Social Organizations
    Victim Organization: call2all
    Victim Site: call2all.co.il
  88. Alleged Data Breach of Fédération Française de Tir
    Category: Data Breach
    Content: The threat actor claims to have breached the database of Fédération Française de Tir (FFTir), the dataset contains personal and licensing information of French shooting sports license holders.
    Date: 2026-02-08T03:06:18Z
    Network: openweb
    Published URL: https://breachforums.bf/Thread-FF-TIR-2026-35k
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/e6edcef3-fbc7-4bd5-b815-08eecfd58d89.png
    Threat Actors: ZoranStro
    Victim Country: France
    Victim Industry: Sports
    Victim Organization: fédération française de tir (fftir)
    Victim Site: fftir.org
  89. Alleged Data Breach of UNSS
    Category: Data Breach
    Content: The threat actor claims to have breached the database of UNSS (Union Nationale du Sport Scolaire), the dataset contains personal records of individuals, including minors.
    Date: 2026-02-08T02:16:40Z
    Network: openweb
    Published URL: https://darkforums.me/Thread-FR-unss-org
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/5234fe4a-6680-49db-8ca5-62d58e397cc4.png
    Threat Actors: Kirigaya
    Victim Country: France
    Victim Industry: Education
    Victim Organization: union nationale du sport scolaire (unss)
    Victim Site: unss.org
  90. Alleged Data Breach of Chess.com
    Category: Data Breach
    Content: The threat actor claims to have breached the database of Chess.com, the dataset contains user account records.
    Date: 2026-02-08T01:51:40Z
    Network: openweb
    Published URL: https://darkforums.me/Thread-chess-com–67013
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/cf54e89b-0f80-4502-b105-2fb50ca509a5.png
    Threat Actors: Kirigaya
    Victim Country: USA
    Victim Industry: Gaming
    Victim Organization: chess.com
    Victim Site: chess.com
  91. UNDERGROUND-NET targets the website of Universitas Pelita Bangsa
    Category: Defacement
    Content: The group claims to have defaced the website of Universitas Pelita Bangsa
    Date: 2026-02-08T01:18:24Z
    Network: telegram
    Published URL: https://t.me/c/2195292966/1271
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/29001f1d-0bf5-4d1e-95e3-686ca15c5a98.png
    Threat Actors: UNDERGROUND-NET
    Victim Country: Indonesia
    Victim Industry: Education
    Victim Organization: universitas pelita bangsa
    Victim Site: dirmawa.pelitabangsa.ac.id
  92. Alleged Data Breach of SOS Médecins Bordeaux
    Category: Data Breach
    Content: The threat actor claims to have breached the database of SOS Médecins Bordeaux, the dataset contains sensitive patient and emergency service records.
    Date: 2026-02-08T00:46:48Z
    Network: openweb
    Published URL: https://darkforums.me/Thread-SOS-31-bordeaux
    Screenshots:
    https://d34iuop8pidsy8.cloudfront.net/b5ecb098-0d32-4d1f-821e-27ec417a8f0b.png
    Threat Actors: Kirigaya
    Victim Country: France
    Victim Industry: Hospital & Health Care
    Victim Organization: sos médecins bordeaux
    Victim Site: sosmedecins-bordeaux.fr

Related Posts