1. Executive Summary
This report analyzes 124 distinct cyber incidents recorded within a 24-hour window, primarily on January 8, 2026. The threat landscape is characterized by a high volume of ransomware attacks targeting the manufacturing and education sectors, significant data breaches affecting government and healthcare infrastructures, and a coordinated campaign of website defacements. Notably, there is a marked increase in attacks targeting Operational Technology (OT) and industrial control systems.
2. Ransomware Campaigns
Ransomware groups were highly active, with Qilin, Akira, and BlackShrantac being the most prominent actors. The attacks targeted a diverse range of industries including defense, education, and food production.
Qilin Ransomware Activity
The Qilin group was responsible for a significant number of confirmed compromises across multiple countries.
- Education: Victim organizations include the Spring Grove Area School District in the USA.
- Manufacturing & Industrial: Victims include Retrofit Service Company (USA), Telstar Corporation (South Korea), and Cressi (Italy).
- Defense: TriVector Services, Inc., a defense and space organization in the USA, was compromised.
- Healthcare: Anteriad, a marketing firm, allegedly lost 3 TB of data.
Akira & Other Ransomware Groups
- Akira: Targeted Morton Buildings, Inc. (Construction), allegedly stealing 100GB of project data. They also compromised Udall Law Firm, stealing sensitive client legal documents, and Gordon Companies Inc.
- BlackShrantac: Claimed a massive 1TB data theft from Schneider Prototyping India and a 2TB theft from the National Water Authority in Peru.
- ANUBIS: Targeted “About Women Ob-Gyn” in the USA.
- CL0P: Claimed victims including the Committee to Protect Journalists and the food company Mutti.
3. Critical Infrastructure and Industrial Control Systems (ICS)
A concerning trend in this dataset is the specific targeting of industrial control systems and critical infrastructure, particularly by the groups Infrastructure Destruction Squad and Z-PENTEST ALLIANCE.
- Czech Republic Heating & HVAC: The Infrastructure Destruction Squad claimed unauthorized access to multiple heating management systems. They reportedly gained control over boilers, pumps, and temperature settings. They also accessed an industrial HVAC system, allegedly enabling control over air disinfection and thermal valves.
- Hospital Targeting: The same group issued an alert indicating they are targeting hospitals in the Czech Republic.
- US Food Processing: Z-PENTEST ALLIANCE claimed access to a food processing control system in the USA, allegedly capable of modifying recipe parameters like temperature and humidity in real-time.
- US Oil & Gas: The same group claimed access to an oil and gas facility, allegedly controlling pressure and flow parameters in pipes and tanks.
4. Major Data Breaches
Threat actors leaked or listed for sale massive datasets containing Personally Identifiable Information (PII), government records, and corporate secrets.
Government and National Registries
- China: A threat actor claimed to leak a database of 1.2 billion Chinese citizen records, including national IDs and GPS coordinates, allegedly from the State Council.
- Russia: Leaks included “state secret” documents and a top-secret FSB document.
- France: Extensive breaches targeted French entities, including the INPI (26 million company records), Sorbonne University, and various sports federations (Mountaineering, Bridge, American Football).
Corporate and Consumer Data
- Amazon: A threat actor claimed to breach Amazon, allegedly exposing 6 million user login pairs.
- Healthcare: A leak from OpenLoop Health in the USA allegedly exposed 1.6 million patient records.
- Open Web/Databases: GhostSocks Database was leaked, including credentials and contact details.
5. Initial Access Sales
Threat actors are actively selling unauthorized access, serving as a precursor to future ransomware or espionage attacks.
- Banking: Sale of Fortigate admin access to a US Banking Finance organization.
- Surveillance: Unauthorized access to surveillance cameras in the USA and a coffee shop in Ukraine.
- Government: Access to the “One Window Service Office” in Cambodia, which handles citizen ID and residency services.
6. Defacement Campaigns
Hacktivist activity remains high, with groups using website defacement to send political or disruptive messages.
- CyberOprationCulture: This group was extremely active, targeting numerous Indian entities across various sectors, including construction, education, and religious institutions.
- PhantomSec1337: Focused on US-based construction and flooring companies, defacing websites for D and D Custom Solutions, B and K Hardwood Floor, and others.
- Diparis: Targeted government websites in Angola, Indonesia, and Kyrgyzstan.
7. Conclusion
The cyber incidents from January 8, 2026, demonstrate a volatile threat environment. The most critical risk detected is the direct manipulation of Operational Technology (OT) in the Czech Republic and the USA, which poses physical safety risks beyond standard data theft.
Simultaneously, the scale of alleged data breaches, particularly the 1.2 billion record leak from China and the 6 million Amazon records, indicates that massive credential stuffing and identity theft campaigns are likely to follow. Ransomware groups continue to operate with impunity, heavily targeting the education and manufacturing sectors.
Detected Incidents Draft Data
- Alleged sale of unauthorized access to unidentified Banking Finance organization in USA
Category: Initial Access
Content: Threat actor claims to be selling unauthorized fortigate admin access to an unidentified Banking Finance organization in USA.
Date: 2026-01-08T22:57:30Z
Network: openweb
Published URL: https://forum.exploit.in/topic/273342/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/03859c67-0f1a-440c-a772-caddd0a0b91c.png
Threat Actors: cold666
Victim Country: USA
Victim Industry: Banking & Mortgage
Victim Organization: Unknown
Victim Site: Unknown
- Alleged data leak of GhostSocks Database
Category: Data Breach
Content: A threat actor claims to have leaked data from GhostSocks, with the exposed information reportedly including usernames, passwords, and associated Telegram and email contact details.
Date: 2026-01-08T22:51:30Z
Network: openweb
Published URL: https://forum.exploit.in/topic/273394/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/e000c577-a872-4abc-bddb-a7681bb5e55b.png
https://d34iuop8pidsy8.cloudfront.net/c63de19e-d6a2-4c0e-92af-d6e619fe0f73.png
Threat Actors: unl0ck
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
- Alleged sale of unauthorized RDP access to unidentified Manufacturing company in Italy
Category: Initial Access
Content: Threat actor claims to be selling unauthorized RDP access to an unidentified Manufacturing company in Italy.
Date: 2026-01-08T22:48:49Z
Network: openweb
Published URL: https://forum.exploit.in/topic/273365/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/b9ed557d-0b1d-4534-9bec-86c8c28f4344.png
Threat Actors: Big-Bro
Victim Country: Italy
Victim Industry: Manufacturing
Victim Organization: Unknown
Victim Site: Unknown
- Alleged data leak of Fédération Française de Natation
Category: Data Breach
Content: The threat actor claims to be selling the data from Fédération Française de Natation.
Date: 2026-01-08T22:24:20Z
Network: openweb
Published URL: https://breachforums.bf/Thread-DATABASE-ffnv-rar-extracted-data
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/4a4f7de6-4fa0-4041-bc57-8c1b5913289e.png
Threat Actors: anon2589
Victim Country: France
Victim Industry: Sports
Victim Organization: french swimming federation
Victim Site: Unknown
- About Women Ob-Gyn falls victim to ANUBIS Ransomware
Category: Ransomware
Content: The group claims to have obtained the organization’s data.
Date: 2026-01-08T22:09:25Z
Network: tor
Published URL: http://om6q4a6cyipxvt7ioudxt24cw4oqu4yodmqzl25mqd2hgllymrgu4aqd.onion/r/fhg8fW6QLYEZpEa4dL7tT2k20T0ZsrotUJ0hMBg5CSdCQNvrOC9tp8swf9dJlJYoDttLGO3j7z7EbD3JQNGR6WUtOZGYw
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/b2f34d05-17de-47f7-81a4-663798f8d3fb.png
https://d34iuop8pidsy8.cloudfront.net/93c02a50-a167-4f04-9a30-46e27438eb16.png
https://d34iuop8pidsy8.cloudfront.net/540980fc-a361-4cdc-ba61-3684f5baeec9.png
Threat Actors: ANUBIS
Victim Country: USA
Victim Industry: Hospital & Health Care
Victim Organization: about women ob-gyn
Victim Site: aboutwomenobgyn.com
- Alleged access to Hive Ransomware Affiliate Panel
Category: Initial Access
Content: The group claims to have gained login credentials to Hive Ransomware Affiliate Panel
Date: 2026-01-08T21:42:33Z
Network: telegram
Published URL: https://t.me/bjorkaspirit/480?single
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/d0be622a-c033-486a-96fb-197720b6a596.jpg
Threat Actors: Bjorkanism
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: hive ransomware
Victim Site: Unknown
- Alleged Sale of Next Gen Malware
Category: Malware
Content: Threat Actor claims to be selling Next Gen Malware.
Date: 2026-01-08T21:05:44Z
Network: openweb
Published URL: https://breachforums.bf/Thread-COLLECTION-Next-Gen-Malware
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/443c73d7-78a6-47d4-9683-b39413552ef5.png
Threat Actors: Spearr
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
- Alleged Data Breach of Comedy Works
Category: Data Breach
Content: Threat Actor claims to have breached the database of Comedy Works in USA, allegedly containing 200,000 user records. The compromised data includes billing addresses, partial credit card information (last four digits, card type, and expiration date), email addresses, passwords, and names.
Date: 2026-01-08T20:58:34Z
Network: openweb
Published URL: https://breachforums.bf/Thread-DATABASE-USA-comedyworks-com-Leaked-Download
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/b3d2112f-0103-44d9-b250-bbe216d05711.png
https://d34iuop8pidsy8.cloudfront.net/002b6e84-b222-4356-9e4e-ee96385a80c6.png
Threat Actors: lulzintel
Victim Country: USA
Victim Industry: Entertainment & Movie Production
Victim Organization: comedy works
Victim Site: comedyworks.com
- Alleged Unauthorised Access to Canadian tax office
Category: Initial Access
Content: The group claims to have gained unauthorized cPanel and WordPress admin access to a Canadian tax office.
Date: 2026-01-08T20:46:35Z
Network: openweb
Published URL: https://forum.exploit.in/topic/273391/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/8c5e8da5-4fb5-4bf3-9a6e-808ebe872a93.png
Threat Actors: test_mobi
Victim Country: Canada
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
- Alleged Initial Access to unidentified Food processing control system in USA
Category: Initial Access
Content: The group claims that they have gained unauthorized access to a control system used to manage food processing technology within the food industry, including production of sauces, sausages, and smoked meats. The exposed interface reportedly displays recipe configurations with parameters such as temperature, humidity, processing time, and control status set to manual (HAND) mode, indicating the ability to select recipes and modify production parameters in real time
Date: 2026-01-08T20:09:11Z
Network: telegram
Published URL: https://t.me/zpentestalliance/943
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/a931c215-5d97-44cb-93a5-dc74bef4afc4.jpg
Threat Actors: Z-PENTEST ALLIANCE
Victim Country: USA
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
- Alleged Data Leak of Preprod
Category: Data Breach
Content: Threat Actor claims to have leaked the database of Preprod, which consists of approximately 12 files.
Date: 2026-01-08T19:28:35Z
Network: openweb
Published URL: https://breachforums.bf/Thread-Preprod-leak-001
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/30872212-a641-46b1-a675-e502ffa7e4d8.png
Threat Actors: Ag0stin0
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
- Alleged data breach of SimpleSwap
Category: Data Breach
Content: The threat actor leaked a database containing approximately 68,744 user records. The leaked data allegedly includes user account information such as email addresses, public IDs, names, account creation timestamps, KYC status, notification settings, internal trace IDs, and feature flags.
Date: 2026-01-08T19:26:15Z
Network: openweb
Published URL: https://breachforums.bf/Thread-SELLING-simpleswap-io-Crypto-Swap-68K-users
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/2a794a02-a11c-4f82-baa7-738385470e03.png
Threat Actors: rennn
Victim Country: Seychelles
Victim Industry: Financial Services
Victim Organization: simpleswap
Victim Site: simpleswap.io
- Alleged leak of Russian documents
Category: Data Breach
Content: The group claims to have leaked state secret Russian documents
Date: 2026-01-08T19:25:40Z
Network: telegram
Published URL: https://t.me/topsecretdocumentsleaked/204
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/dc560012-1e44-4b1b-a4a5-dc65e01d7246.jpg
Threat Actors: JRINTEL FREE DATA V3
Victim Country: Russia
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
- CyberOprationCulture targets the website of
Category: Defacement
Content: The group claims to have defaced the website of
Date: 2026-01-08T19:22:07Z
Network: telegram
Published URL: https://t.me/c/3421269527/52
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/00f5ae60-a27a-4913-afdb-573420516692.jpg
Threat Actors: CyberOprationCulture
Victim Country: India
Victim Industry: Religious Institutions
Victim Organization: niityaa kumbh
Victim Site: niityaakumbh.com
- CyberOprationCulture targets the website of N-Fours Infra & Construction
Category: Defacement
Content: The group claims to have defaced the website of N-Fours Infra & Construction
Date: 2026-01-08T19:20:23Z
Network: telegram
Published URL: https://t.me/c/3421269527/52
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/36c78006-3fe5-486f-9893-98a5f321a111.jpg
Threat Actors: CyberOprationCulture
Victim Country: India
Victim Industry: Building and construction
Victim Organization: n-fours infra & construction
Victim Site: nfoursinfra.com
- Alleged Data Leak of Pre-Production
Category: Data Breach
Content: Threat Actor claims to have leaked the database of Pre-Production, which consists of approximately 13 files.
Date: 2026-01-08T19:19:06Z
Network: openweb
Published URL: https://breachforums.bf/Thread-pre-production-leaks-02
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/bd5b3512-240c-41ca-a40c-9e19d0ed1f64.png
Threat Actors: Ag0stin0
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
- CyberOprationCulture targets the website of Golden Orchid
Category: Defacement
Content: The group claims to have defaced the website of Golden Orchid
Date: 2026-01-08T19:15:08Z
Network: telegram
Published URL: https://t.me/c/3421269527/52
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/5f794967-1813-487b-8ab8-087160f7d2a8.jpg
Threat Actors: CyberOprationCulture
Victim Country: India
Victim Industry: Restaurants
Victim Organization: golden orchid
Victim Site: mygoldenorchid.com
- Alleged data leak of Russian FSB Document
Category: Data Breach
Content: A threat actor claims to have leaked a top-secret Russian FSB document, reportedly shared as a single RTF file.
Date: 2026-01-08T19:13:41Z
Network: openweb
Published URL: https://demonforums.net/Thread-TOP-SECRET-Russian-FSB-Document-LEAKED
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/7b4dff22-bb59-4b54-910b-1e81fe3a9993.png
https://d34iuop8pidsy8.cloudfront.net/78611074-cc13-45bc-89cc-01f7a339deff.png
Threat Actors: jrintel
Victim Country: Russia
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
- CyberOprationCulture targets the website of Kailash Agencies
Category: Defacement
Content: The group claims to have defaced the website of Kailash Agencies
Date: 2026-01-08T19:12:47Z
Network: telegram
Published URL: https://t.me/c/3421269527/51
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/a770fe9c-578a-4e15-9b9e-daf88229915a.jpg
Threat Actors: CyberOprationCulture
Victim Country: India
Victim Industry: Food & Beverages
Victim Organization: kailash agencies
Victim Site: kailashagencies.com
- CyberOprationCulture targets the website of
Category: Defacement
Content: The group claims to have defaced the website of
Date: 2026-01-08T19:09:15Z
Network: telegram
Published URL: https://t.me/c/3421269527/50
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/b7105106-9302-421f-8b47-9b4c5b2a2a60.jpg
Threat Actors: CyberOprationCulture
Victim Country: India
Victim Industry: Manufacturing & Industrial Products
Victim Organization: jai maruti gas cylinders limited
Victim Site: jmgcl.com
- Federal University of Sergipe falls victim to VECT Ransomware
Category: Ransomware
Content: The group claims to have obtained 150 GB of the organization’s data, including financial records and student data, and intends to publish it within 3-4 days.
Date: 2026-01-08T19:07:36Z
Network: tor
Published URL: http://bu7zr6fotni3qxxoxlcmpikwtp5mjzy7jkxt7akflnm2kwkbdtgtjuid.onion/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/b8ef7156-aa4d-46ad-92f3-690b841ba457.png
Threat Actors: VECT
Victim Country: Brazil
Victim Industry: Education
Victim Organization: federal university of sergipe
Victim Site: ufs.br
- Mutti falls victim to CL0P Ransomware
Category: Ransomware
Content: The group claims to have obtained the organization’s data.
Date: 2026-01-08T19:05:52Z
Network: tor
Published URL: http://santat7kpllt6iyvqbr7q4amdv6dzrh6paatvyrzl7ry3zm72zigf4ad.onion/mutti-parma-com
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/3b77b188-5327-458d-a219-fab82e7bcb26.png
Threat Actors: CL0P
Victim Country: Italy
Victim Industry: Food & Beverages
Victim Organization: mutti
Victim Site: mutti-parma.com
- CyberOprationCulture targets the website of Forevermore 3D Casting
Category: Defacement
Content: The group claims to have defaced the website of Forevermore 3D Casting
Date: 2026-01-08T18:58:11Z
Network: telegram
Published URL: https://t.me/c/3421269527/49
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/a2083047-4fda-460d-a791-5b6fe186e4d6.jpg
Threat Actors: CyberOprationCulture
Victim Country: India
Victim Industry: Arts & Crafts
Victim Organization: forevermore 3d casting
Victim Site: forevermore3dcasting.com
- Alleged Data Breach of Lit
Category: Data Breach
Content: Threat Actor claims to have breached the database of Lit in Italy, allegedly containing 3,09,667 customer records.
Date: 2026-01-08T18:43:33Z
Network: openweb
Published URL: https://breachforums.bf/Thread-lit-it-crypto-related
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/ad61c42b-189a-404b-9515-0c7e4d5766ee.png
Threat Actors: Wadjet
Victim Country: Italy
Victim Industry: Social Media & Online Social Networking
Victim Organization: lit
Victim Site: lit.it
- Committee to Protect Journalists falls victim to CL0P Ransomware
Category: Ransomware
Content: The group claims to have obtained the organization’s data.
Date: 2026-01-08T18:41:46Z
Network: tor
Published URL: http://santat7kpllt6iyvqbr7q4amdv6dzrh6paatvyrzl7ry3zm72zigf4ad.onion/cpj-org
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/7c064629-2e6a-476c-917a-238b91c07fcc.png
Threat Actors: CL0P
Victim Country: USA
Victim Industry: International Affairs
Victim Organization: committee to protect journalists
Victim Site: cpj.org
- CyberOprationCulture targets the website of Crystal Analytix
Category: Defacement
Content: The group claims to have defaced the website of
Date: 2026-01-08T18:41:21Z
Network: telegram
Published URL: https://t.me/c/3421269527/46
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/0db241ff-12d6-4039-9956-b1cff644550d.jpg
Threat Actors: CyberOprationCulture
Victim Country: India
Victim Industry: Education
Victim Organization: crystal analytix
Victim Site: crystalanalytix.com
- CyberOprationCulture targets the website of Filmy Film Productions
Category: Defacement
Content: The group claims to have defaced the website of Filmy Film Productions
Date: 2026-01-08T18:36:21Z
Network: telegram
Published URL: https://t.me/c/3421269527/48
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/b423f4ec-1aee-4423-b516-89bf8aa27e64.jpg
Threat Actors: CyberOprationCulture
Victim Country: India
Victim Industry: Motion Pictures & Film
Victim Organization: filmy film productions
Victim Site: filmyfilmproductions.com
- CyberOprationCulture targets the website of Digital Navik Private Limited
Category: Defacement
Content: The group claims to have defaced the website of Digital Navik Private Limited
Date: 2026-01-08T18:29:10Z
Network: telegram
Published URL: https://t.me/c/3421269527/47
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/b5ab70b6-4e6a-428f-925c-e7e5728fb606.jpg
Threat Actors: CyberOprationCulture
Victim Country: India
Victim Industry: Education
Victim Organization: digital navik private limited
Victim Site: digitalnavik.com
- Alleged Data Leak of LAKOMKA
Category: Data Breach
Content: Threat Actor claims to have leaked the database of LAKOMKA, allegedly containing 32,497 customer records.
Date: 2026-01-08T18:25:23Z
Network: openweb
Published URL: https://breachforums.bf/Thread-32-497-customers-LAKOMKA
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/8c6f5430-69d5-4ec1-b920-1939fd07c1e1.png
Threat Actors: Ag0stin0
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
- CyberOprationCulture targets the website of 3Z Laundry Services
Category: Defacement
Content: The group claims to have defaced the website of 3Z Laundry
Date: 2026-01-08T18:19:56Z
Network: telegram
Published URL: https://t.me/c/3421269527/45
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/6e4db310-c248-464c-9e40-e295d3a874dd.jpg
Threat Actors: CyberOprationCulture
Victim Country: Qatar
Victim Industry: Consumer Services
Victim Organization: 3z laundry services
Victim Site: 3zlaundry.com
- Alleged Data Leak of bobbyfoun.tw
Category: Data Breach
Content: Threat Actor claims to have leaked the database of bobbyfoun.tw in Taiwan, which includes customer-related information such as user details and purchase records.
Date: 2026-01-08T18:09:55Z
Network: openweb
Published URL: https://breachforums.bf/Thread-Prepro-leak-03-bobbyfoun-tw
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/d4a49f4e-2e23-4147-9cbc-8c6b12cd2895.png
Threat Actors: Ag0stin0
Victim Country: Taiwan
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: bobbyfoun.tw
- Pollock Communications falls victim to INC RANSOM Ransomware
Category: Ransomware
Content: The group claims to have obtained the organization’s data.
Date: 2026-01-08T17:41:31Z
Network: tor
Published URL: http://incblog6qu4y4mm4zvw5nrmue6qbwtgjsxpw6b7ixzssu36tsajldoad.onion/blog/disclosures/695fd6398f1d14b7434fa840
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/8b2ad0df-3238-4ff8-bbc6-d8143aea601c.png
Threat Actors: INC RANSOM
Victim Country: USA
Victim Industry: Public Relations/PR
Victim Organization: pollock communications
Victim Site: lpollockpr.com
- Alleged access to unidentified Coffee shop in Ukraine
Category: Initial Access
Content: The group claims to have gained unauthorized CCTV access to a Coffee shop in Ukraine
Date: 2026-01-08T17:39:29Z
Network: telegram
Published URL: https://t.me/op_morningstar/143v
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/8ca039cf-d3e2-46b0-8ebe-9faf044f703b.jpg
Threat Actors: MORNING STAR
Victim Country: Ukraine
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
- Alleged Unauthorised Root Access to an unidentified TV live Streaming Website
Category: Initial Access
Content: Threat actor claims to be selling unauthorized domain root access to an unidentified TV live Streaming Website.
Date: 2026-01-08T17:38:57Z
Network: openweb
Published URL: https://forum.exploit.in/topic/273376/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/1eefa799-4eea-4970-8b05-1c4ca7b975cd.png
Threat Actors: Mr.Wizard
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
- Alleged data breach of St Michael’s Church of England Primary School, Pelsall
Category: Data Breach
Content: The threat actor claims to have leaked data from St Michael’s Church of England Primary School, Pelsall.
Date: 2026-01-08T17:30:09Z
Network: telegram
Published URL: https://t.me/c/3421269527/41
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/5d4e6992-9369-41a5-a649-fe2df63a9ffe.png
Threat Actors: CyberOprationCulture
Victim Country: UK
Victim Industry: Education
Victim Organization: st michael’s church of england primary school, pelsall
Victim Site: stmichaelspelsall.co.uk
- Alleged data breach of ArinGo Computer
Category: Data Breach
Content: The threat actor claims to have leaked data from ArinGo Computer.
Date: 2026-01-08T17:26:17Z
Network: telegram
Published URL: https://t.me/c/3421269527/41
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/c8428d87-9571-41c6-a4dc-b484ff3ca89e.png
Threat Actors: CyberOprationCulture
Victim Country: Indonesia
Victim Industry: Retail Industry
Victim Organization: aringo computer
Victim Site: aringocomputer.com
- Alleged data breach of Uruk University
Category: Data Breach
Content: The group claims to have breached the database of Uruk University.
Date: 2026-01-08T17:22:28Z
Network: telegram
Published URL: https://t.me/c/3421269527/40
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/cbcdd3ba-4dfe-4b6d-b919-78ca5dfbbf73.png
Threat Actors: CyberOprationCulture
Victim Country: Iraq
Victim Industry: Education
Victim Organization: uruk university
Victim Site: uruk.edu.iq
- Alleged data breach of
Category: Data Breach
Content: The threat actor claims to have breached the database of Amazon, allegedly exposing approximately 6 million user login pairs (ULP) containing email/username and password combinations.
Date: 2026-01-08T17:16:37Z
Network: openweb
Published URL: https://leakbase.la/threads/amazon-com-6m-ulp.48030/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/e1a299d0-2932-4ce1-9e5f-830ba7623622.png
Threat Actors: r3zz
Victim Country: USA
Victim Industry: E-commerce & Online Stores
Victim Organization: amazon
Victim Site: amazon.com
- Alleged Data Breach of Faculty of Agriculture, University of Riau
Category: Data Breach
Content: Threat Actor claims to have breached the database of Faculty of Agriculture, University of Riau in Indonesia.
Date: 2026-01-08T17:11:56Z
Network: telegram
Published URL: https://t.me/c/3421269527/42
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/fc44ee39-5a63-441b-a9a1-1347624201b5.png
Threat Actors: CyberOprationCulture
Victim Country: Indonesia
Victim Industry: Education
Victim Organization: faculty of agriculture, university of riau
Victim Site: sitani.faperta.unri.ac.id
- Retrofit Service Company, Inc. falls victim to Qilin ransomware
Category: Ransomware
Content: The group claims to have obtained the organization’s data.
Date: 2026-01-08T17:08:50Z
Network: tor
Published URL: http://ijzn3sicrcy7guixkzjkib4ukbiilwc3xhnmby4mcbccnsd7j2rekvqd.onion/site/view?uuid=54830d8a-8b6a-329a-a203-9d848b82c049
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/bcb6d1f2-67e5-4ce5-a428-cdd2be09209f.png
Threat Actors: Qilin
Victim Country: USA
Victim Industry: Manufacturing & Industrial Products
Victim Organization: retrofit service company, inc.
Victim Site: retrofitsc.com
- Spring Grove Area School District falls victim to Qilin ransomware
Category: Ransomware
Content: The group claims to have obtained the organization’s data.
Date: 2026-01-08T17:08:28Z
Network: tor
Published URL: http://ijzn3sicrcy7guixkzjkib4ukbiilwc3xhnmby4mcbccnsd7j2rekvqd.onion/site/view?uuid=9201fb94-bd27-3af0-8959-dc363d66ed13
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/c61939a7-1d48-4a40-a036-e21cdf1c92e5.png
Threat Actors: Qilin
Victim Country: USA
Victim Industry: Education
Victim Organization: spring grove area school district
Victim Site: sgasd.org
- Alleged Data Breach of Mirsharai Upazila Development Plan (MUDP)
Category: Data Breach
Content: Threat Actor claims to have breached the database of Mirsharai Upazila Development Plan in Bangladesh.
Date: 2026-01-08T17:02:26Z
Network: telegram
Published URL: https://t.me/c/3421269527/41
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/cd8c8cfc-c5b0-4ee5-87e3-0b3800f0b33c.png
Threat Actors: CyberOprationCulture
Victim Country: Bangladesh
Victim Industry: Government Administration
Victim Organization: mirsharai upazila development plan
Victim Site: mudp.gov.bd
- Softlab falls victim to Qilin ransomware
Category: Ransomware
Content: The group claims to have obtained the organization’s data.
Date: 2026-01-08T17:01:48Z
Network: tor
Published URL: http://ijzn3sicrcy7guixkzjkib4ukbiilwc3xhnmby4mcbccnsd7j2rekvqd.onion/site/view?uuid=efca9ff5-d2ed-3965-8c7d-60f064832d9a
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/07ef73e2-4feb-4620-9df0-b8491b28d446.png
Threat Actors: Qilin
Victim Country: Italy
Victim Industry: Information Technology (IT) Services
Victim Organization: softlab
Victim Site: soft.it
- STESAD GmbH falls victim to Qilin ransomware
Category: Ransomware
Content: The group claims to have obtained the organization’s data.
Date: 2026-01-08T16:49:32Z
Network: tor
Published URL: http://ijzn3sicrcy7guixkzjkib4ukbiilwc3xhnmby4mcbccnsd7j2rekvqd.onion/site/view?uuid=63ec7de3-33f7-3029-9a10-476b14e27ed9
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/b6dd33ae-97b9-43e3-a214-a3c15d677e5e.png
Threat Actors: Qilin
Victim Country: Germany
Victim Industry: Building and construction
Victim Organization: stesad gmbh
Victim Site: stesad.de
- Alleged data breach of Relive Physiotherapy & Sports Injury Clinic
Category: Data Breach
Content: The group claims to have breached the database of Relive Physiotherapy & Sports Injury Clinic
Date: 2026-01-08T16:47:30Z
Network: telegram
Published URL: https://t.me/c/3421269527/40
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/4cf917e6-764c-4888-81a8-9bb627e85749.jpg
Threat Actors: CyberOprationCulture
Victim Country: UK
Victim Industry: Medical Practice
Victim Organization: relive physiotherapy & sports injury clinic
Victim Site: relievephysiotherapy.co.uk
- Alleged data breach of Anderson & Partners
Category: Data Breach
Content: The group claims to have breached the database of Anderson & Partners
Date: 2026-01-08T16:42:08Z
Network: telegram
Published URL: https://t.me/c/3421269527/40
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/44fc378c-d835-4bd3-b76c-0eb742dc9660.jpg
Threat Actors: CyberOprationCulture
Victim Country: Indonesia
Victim Industry: Law Practice & Law Firms
Victim Organization: anderson & partners
Victim Site: anderson.co.id
- Gaviota falls victim to Qilin ransomware
Category: Ransomware
Content: The group claims to have obtained the organization’s data.
Date: 2026-01-08T16:21:22Z
Network: tor
Published URL: http://ijzn3sicrcy7guixkzjkib4ukbiilwc3xhnmby4mcbccnsd7j2rekvqd.onion/site/view?uuid=93809062-e5fa-3482-800b-bc7c1765bf85
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/5bca5de5-16c5-4051-8ab5-7e234fb755e9.png
Threat Actors: Qilin
Victim Country: Spain
Victim Industry: Building and construction
Victim Organization: gaviota
Victim Site: gaviotagroup.com
- TriVector Services, Inc. falls victim to Qilin ransomware
Category: Ransomware
Content: The group claims to have obtained the organization’s data.
Date: 2026-01-08T16:15:16Z
Network: tor
Published URL: http://ijzn3sicrcy7guixkzjkib4ukbiilwc3xhnmby4mcbccnsd7j2rekvqd.onion/site/view?uuid=1f50d3ec-3a35-3f73-b59f-c80605f7074e
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/54539eaf-da11-47c1-a5c6-7038e70bb516.png
Threat Actors: Qilin
Victim Country: USA
Victim Industry: Defense & Space
Victim Organization: trivector services, inc.
Victim Site: trivector.us
- CyberDragon claims to target Syria
Category: Alert
Content: A recent post by the group indicates that they’re targeting the Syrian government and communication and internet lines.
Date: 2026-01-08T15:51:58Z
Network: telegram
Published URL: https://t.me/c/3573104830/18
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/717879e4-b6f6-4b1a-aa4d-8b17b55a6eb4.jpg
Threat Actors: CyberDragon
Victim Country: Syria
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
- Morton Buildings, Inc. falls victim to Akira Ransomware
Category: Ransomware
Content: The group claims to have obtained 100GB of the organization’s data. Compromised data includes employee documents, projects, specifications and drawings, NDA, partner information, contacts and so on.
Date: 2026-01-08T15:45:50Z
Network: tor
Published URL: https://akiral2iz6a7qgd3ayp3l6yub7xx2uep76idk3u2kollpj5z3z636bad.onion/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/a7f6aed0-63fc-4875-9e6a-0b6aa131f0b6.png
Threat Actors: akira
Victim Country: USA
Victim Industry: Building and construction
Victim Organization: morton buildings, inc.
Victim Site: mortonbuildings.com
- Udall Law Firm LLP falls victim to Akira Ransomware
Category: Ransomware
Content: The group claims to have obtained 78 GB of the organization’s corporate data. Compromised data includes a large amount of clients’ personal information such as passport numbers, SSNs, driver’s licenses, death/birth certificates, financials, NDAs, police incidents, confidentiality agreements and so on.
Date: 2026-01-08T14:35:26Z
Network: tor
Published URL: https://akiral2iz6a7qgd3ayp3l6yub7xx2uep76idk3u2kollpj5z3z636bad.onion/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/9cdfa000-7da8-4769-a9ab-a676fbc83d8d.jpg
Threat Actors: akira
Victim Country: USA
Victim Industry: Law Practice & Law Firms
Victim Organization: udall law firm llp
Victim Site: udalllaw.com
- Alleged Unauthorised Access to an unidentified oil and gas facility in the USA
Category: Initial Access
Content: The group claims to have gained unauthorised access to an unidentified oil and gas facility in the USA. The compromised system allegedly controls main pressure and flow parameters in pipes and tanks (Tubing Pressure, Casing Pressure, Flowline Pressure), separator control with pressure and fluid level indicators (Separator Pressure, Level Safety), and valve control settings based on a set value (Manual Setpoint, Valve Output).
Date: 2026-01-08T14:34:16Z
Network: telegram
Published URL: https://t.me/zpentestalliance/940
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/e1661478-36df-4597-9a58-cf1f34a18865.JPG
Threat Actors: Z-PENTEST ALLIANCE
Victim Country: USA
Victim Industry: Oil & Gas
Victim Organization: Unknown
Victim Site: Unknown
- Gordon Companies Inc. falls victim to Akira Ransomware
Category: Ransomware
Content: The group claims to have obtained the organization’s corporate data. Compromised data includes employee personal information such as passport numbers, SSNs and other scanned documents, client data, financials, NDAs and so on.
Date: 2026-01-08T14:30:55Z
Network: tor
Published URL: https://akiral2iz6a7qgd3ayp3l6yub7xx2uep76idk3u2kollpj5z3z636bad.onion/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/26a842cf-d8e6-4922-a3b3-8ea3f9185b3e.jpg
Threat Actors: akira
Victim Country: USA
Victim Industry: Retail Industry
Victim Organization: gordon companies inc.
Victim Site: gordoncompaniesinc.com
- Anteriad falls victim to Qilin ransomware
Category: Ransomware
Content: The group claims to have obtained 3 TB of the organization’s data.
Date: 2026-01-08T14:25:07Z
Network: tor
Published URL: http://ijzn3sicrcy7guixkzjkib4ukbiilwc3xhnmby4mcbccnsd7j2rekvqd.onion/site/view?uuid=b473211a-305b-3837-bea1-d4f822c56484
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/7918bc26-e308-4cbe-89fe-6b8e4a504d63.png
https://d34iuop8pidsy8.cloudfront.net/cfb2dca1-1cfe-499f-b173-0b60f28a7699.png
Threat Actors: Qilin
Victim Country: USA
Victim Industry: Marketing, Advertising & Sales
Victim Organization: anteriad
Victim Site: anteriad.com
- Alleged data leak of service recipients in WINONGO VILLAGE
Category: Data Breach
Content: The group claims to have leaked a list of service recipients in WINONGO VILLAGE on January, 2023.
Date: 2026-01-08T14:23:18Z
Network: telegram
Published URL: https://t.me/eightsixroot/77
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/f14a21b8-f8aa-4ff4-8c51-7d3003aca565.png
Threat Actors: EIGHT-SIX ROOT
Victim Country: Indonesia
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
- Alleged leak of Burau Sub-district Office in Indonesia
Category: Data Breach
Content: The group claims to have leaked a database related to Burau Sub-district Office in Indonesia.
Date: 2026-01-08T14:22:30Z
Network: telegram
Published URL: https://t.me/eightsixroot/78
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/1c346c33-cf13-4df8-a7d9-7b673ec7a399.jpg
Threat Actors: EIGHT-SIX ROOT
Victim Country: Indonesia
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
- Alleged leak of a database related to Marengmang
Category: Data Breach
Content: The group claims to have leaked a database related to Marengmang in Indonesia.
Date: 2026-01-08T14:11:23Z
Network: telegram
Published URL: https://t.me/eightsixroot/76
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/235d42da-14ec-4457-8416-c141122fb43b.jpg
Threat Actors: EIGHT-SIX ROOT
Victim Country: Indonesia
Victim Industry: Government Administration
Victim Organization: Unknown
Victim Site: Unknown
- Alleged data leak of UAE investors
Category: Data Breach
Content: The group claims to have leaked a 90K database of UAE investors. The compromised data contains email, account name, phone, bill country, account status, brand, agent name, FTD status, FTD amount, total deposited USD and last updated.
Date: 2026-01-08T14:02:36Z
Network: telegram
Published URL: https://t.me/bjorkaspirit/403
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/58a4ca09-5935-4360-acc3-16954e589125.jpg
Threat Actors: Bjorkanism
Victim Country: Unknown
Victim Industry: Financial Services
Victim Organization: Unknown
Victim Site: Unknown
- Alleged leak of GCC database
Category: Data Breach
Content: The group claims to have leaked a GCC crypto database.
Date: 2026-01-08T13:59:19Z
Network: telegram
Published URL: https://t.me/bjorkaspirit/422
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/e7707735-ea6c-43be-8beb-9ccc74e743dd.png
Threat Actors: Bjorkanism
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
- Alleged data leak of Northern Cyprus Ministry of Health
Category: Data Breach
Content: The threat actor claims to have leaked 340,000 records from the Northern Cyprus Ministry of Health. The compromised data reportedly includes name, surname, ID number, gender, and birthplace.
Date: 2026-01-08T13:50:43Z
Network: openweb
Published URL: https://darkforums.io/Thread-DATABASE-REICHLeaks-Northern-Cyprus-Ministry-of-Health-Database-partial
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/b63d3908-969e-4aa6-b5c1-80c31614c240.png
Threat Actors: harakiri
Victim Country: Turkey
Victim Industry: Government & Public Sector
Victim Organization: ministry of health of the republic of cyprus
Victim Site: saglik.gov.ct.tr
- Alleged leak of login credentials from Movimento Civico Mentana Nostra
Category: Initial Access
Content: The group claims to have leaked login credentials from the Movimento Civico Mentana Nostra website in Italy.
Date: 2026-01-08T13:48:59Z
Network: telegram
Published URL: https://t.me/eightsixroot/75
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/9af1ecfe-c058-4a2e-ae50-527e165ee40c.png
Threat Actors: EIGHT-SIX ROOT
Victim Country: Italy
Victim Industry: Civic & Social Organization
Victim Organization: movimento civico mentana nostra
Victim Site: mentananostra.it/svil/wp-login.php
- Alleged data leak of Dubai investors
Category: Data Breach
Content: The group claims to have leaked a database of Dubai investors.
Date: 2026-01-08T13:45:35Z
Network: telegram
Published URL: https://t.me/bjorkaspirit/313
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/8c95570c-bc40-47e0-b4bd-77d444c853b6.jpg
Threat Actors: Bjorkanism
Victim Country: UAE
Victim Industry: Financial Services
Victim Organization: Unknown
Victim Site: Unknown
- Alleged leak of login credential from Bryanston Primary School
Category: Initial Access
Content: The group claims to have leaked login credentials from Bryanston Primary School in South Africa.
Date: 2026-01-08T13:37:33Z
Network: telegram
Published URL: https://t.me/eightsixroot/75
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/785f0935-b557-4590-bcec-626bf13ff02d.png
Threat Actors: EIGHT-SIX ROOT
Victim Country: South Africa
Victim Industry: Education
Victim Organization: bryanston primary school
Victim Site: bpsonline.co.za/wp-login.php
- Alleged unauthorized access to TotalSuite
Category: Initial Access
Content: The group claims to have gained unauthorized access to TotalSuite.
Date: 2026-01-08T13:25:08Z
Network: telegram
Published URL: https://t.me/eightsixroot/75
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/7dc1d5fb-e2db-4efe-9db5-d0e7ef3266e5.png
Threat Actors: EIGHT-SIX ROOT
Victim Country: Unknown
Victim Industry: Information Technology (IT) Services
Victim Organization: totalsuite
Victim Site: demos.totalsuite.net
- Alleged leak of login credentials from Smackcoders
Category: Initial Access
Content: The group claims to have leaked login credentials for the admin panel of Smackcoders.
Date: 2026-01-08T13:23:51Z
Network: telegram
Published URL: https://t.me/eightsixroot/75
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/bf92076a-1a93-4f5e-92ef-93fe5130f0b2.jpg
Threat Actors: EIGHT-SIX ROOT
Victim Country: India
Victim Industry: Software Development
Victim Organization: smackcoders
Victim Site: demo.smackcoders.com
- Alleged leak of login credentials from NEX-Forms
Category: Initial Access
Content: Group claims to have leaked login credentials for the admin panel of NEX-Forms.
Date: 2026-01-08T13:22:44Z
Network: telegram
Published URL: https://t.me/eightsixroot/75
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/e467ee3d-85b5-46c1-b620-67606daf918c.png
Threat Actors: EIGHT-SIX ROOT
Victim Country: Unknown
Victim Industry: Software
Victim Organization: nex-forms
Victim Site: basixonline.net
- Alleged data breach of Sorbonne University
Category: Data Breach
Content: The threat actor claims to have breached data from Sorbonne University, with two ZIP files measuring 379 MB and 30 MB.
Date: 2026-01-08T13:19:54Z
Network: openweb
Published URL: https://breachforums.bf/Thread-DATABASE-sorbonne-university-of-paris-2024
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/451a6158-82b1-4365-b6ed-8c57a09dcffb.png
Threat Actors: Aimbot
Victim Country: France
Victim Industry: Higher Education/Academia
Victim Organization: sorbonne university
Victim Site: sorbonne-universite.fr
- Alleged unauthorized access to JBSofts
Category: Initial Access
Content: The group claims to have gained unauthorized access to JBSofts.
Date: 2026-01-08T13:17:18Z
Network: telegram
Published URL: https://t.me/eightsixroot/75
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/df2fb6bb-f844-4946-949a-6de283c82df5.png
Threat Actors: EIGHT-SIX ROOT
Victim Country: India
Victim Industry: Information Technology (IT) Services
Victim Organization: jbsofts
Victim Site: jbsofts.net
- Alleged leak of login credential from WCPA Free Demo website
Category: Initial Access
Content: The group claims to have leaked a login credential from the WCPA Free Demo website, operated by Acowebs.
Date: 2026-01-08T13:12:38Z
Network: telegram
Published URL: https://t.me/eightsixroot/75
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/37dd97d2-5da3-494e-8bb4-399301da62f5.png
Threat Actors: EIGHT-SIX ROOT
Victim Country: India
Victim Industry: Information Technology (IT) Services
Victim Organization: acowebs
Victim Site: wcpa-free.demo2.acowebs.com
- Alleged unauthorized access to AcyMailing
Category: Initial Access
Content: The group claims to have gained unauthorized access to AcyMailing.
Date: 2026-01-08T13:07:53Z
Network: telegram
Published URL: https://t.me/eightsixroot/75
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/0eaa90bf-8c7d-4fa9-aebf-f699e7dac0b8.png
Threat Actors: EIGHT-SIX ROOT
Victim Country: France
Victim Industry: Marketing, Advertising & Sales
Victim Organization: acymailing
Victim Site: demo.acymailing.com
- Alleged leak of login credentials from jaybabani.com
Category: Initial Access
Content: Group claims to have leaked login credentials for the admin panel of jaybabani.com.
Date: 2026-01-08T13:06:53Z
Network: telegram
Published URL: https://t.me/eightsixroot/75
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/862b1923-8f53-4d11-b7e2-4ea2e17ff10f.png
Threat Actors: EIGHT-SIX ROOT
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: jaybabani.com
Victim Site: jaybabani.com
- Alleged data breach of Yaaka
Category: Data Breach
Content: The threat actor claims to have breached data belonging to Yaaka, totaling 252 MB, compressed into a 24 million archive.
Note: it was previously breached by the threat actor ‘nonokali’ on December 25, 2024.
Date: 2026-01-08T13:05:25Z
Network: openweb
Published URL: https://breachforums.bf/Thread-DATABASE-yaaka-fr-sql-2024
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/e0f5b4d2-ce37-45d7-8c9c-96c2815fa568.png
Threat Actors: Aimbot
Victim Country: France
Victim Industry: Information Technology (IT) Services
Victim Organization: yaaka
Victim Site: yaaka.fr
- Alleged data breach of Code With Harry
Category: Defacement
Content: The group claims to have breached 395,384 lines of data from the organisation, allegedly including email (395,150), phone (395,380), name (392,738), address (334).
Date: 2026-01-08T13:00:51Z
Network: telegram
Published URL: https://t.me/bjorkaspirit/310
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/708f1184-efeb-4221-8c89-2f276de319c3.JPG
Threat Actors: Bjorkanism
Victim Country: India
Victim Industry: Education
Victim Organization: code with harry
Victim Site: codewithharry.com
- Alleged unauthorized access to mySCADA Technologies
Category: Initial Access
Content: Group claims to have gained unauthorized access to mySCADA’s systems and obtained confidential information related to its operations.
Date: 2026-01-08T12:58:49Z
Network: telegram
Published URL: https://t.me/n2LP_wVf79c2YzM0/3223
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/07ac0bb2-c1ea-46c5-85c1-482a8f0566a3.png
Threat Actors: Infrastructure Destruction Squad
Victim Country: Czech Republic
Victim Industry: Machinery Manufacturing
Victim Organization: myscada technologies
Victim Site: myscada.org
- DEFACER INDONESIAN TEAM targets the website of UMMATAN
Category: Defacement
Content: The group claims to have defaced the website of UMMATAN.
Date: 2026-01-08T12:54:42Z
Network: telegram
Published URL: https://t.me/c/2433981896/517
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/99e47ff9-8f1f-4083-b974-74cabd8d0af1.png
Threat Actors: DEFACER INDONESIAN TEAM
Victim Country: Indonesia
Victim Industry: Religious Institutions
Victim Organization: ummatan
Victim Site: ummatan.yafata.or.id
- Zen targets the website of Marang District Council
Category: Defacement
Content: The group claims to have defaced the website of Marang District Council.
Date: 2026-01-08T12:49:48Z
Network: openweb
Published URL: https://defacer.id/mirror/id/224446
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/2cffc1a3-35fa-4d7c-98c8-1c67f2c34450.JPG
Threat Actors: Zen
Victim Country: Malaysia
Victim Industry: Government Administration
Victim Organization: marang district council
Victim Site: kpass-pay.mdmarangonline.gov.my
- Alleged data breach of Accuick
Category: Data Breach
Content: The group claims to have breached 177 thousand user records from the organisation, allegedly including Candidate id, Name, Email, Phone number.
Date: 2026-01-08T12:45:33Z
Network: telegram
Published URL: https://t.me/bjorkaspirit/309
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/21f51cbf-0039-4a15-b572-a9d66226d214.JPG
Threat Actors: Bjorkanism
Victim Country: USA
Victim Industry: Staffing/Recruiting
Victim Organization: accuick
Victim Site: www4.accuick.com
- Alleged data leak of Serbian citizens data
Category: Data Breach
Content: The group claims to have leaked data of Serbian citizens. The compromised data includes name, address, street, personal numbers etc.
Date: 2026-01-08T12:43:08Z
Network: telegram
Published URL: https://t.me/bjorkaspirit/306
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/7b8611a7-5197-420c-9390-76a7b2467925.jpg
Threat Actors: Bjorkanism
Victim Country: Serbia
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
- Alleged data breach of PROLIGA
Category: Data Breach
Content: The group claims to have breached 7000 user records belonging to PROLIGA. Compromised data includes Roles, Names, Emails, Hashed Passwords, Phones, SMS codes, Images, Verification Details, Browser Details.
Date: 2026-01-08T12:38:16Z
Network: telegram
Published URL: https://t.me/bjorkaspirit/308
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/38ae5a8d-3a61-4e5b-99b7-d6b6de396b74.png
Threat Actors: Bjorkanism
Victim Country: Uzbekistan
Victim Industry: Sports
Victim Organization: proliga
Victim Site: proliga.uz
- Alleged data breach of FindNear
Category: Data Breach
Content: The group claims to have breached data from FindNear. Compromised data contains Full Name, Phone number, Location, KYC photo, State.
Date: 2026-01-08T12:38:00Z
Network: telegram
Published URL: https://t.me/bjorkaspirit/307
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/98fdb28c-392e-472b-9fad-61fd133a1feb.png
Threat Actors: Bjorkanism
Victim Country: Vietnam
Victim Industry: Mechanical or Industrial Engineering
Victim Organization: findnear
Victim Site: findnear.vn
- Alleged data breach of French Federation of Mountaineering and Climbing
Category: Data Breach
Content: The threat actor claims to have breached 561,000 records belonging to the French Federation of Mountaineering and Climbing. The compromised data reportedly includes names, email addresses, physical addresses, and additional information. The data was allegedly leaked on January 6, 2026.
Date: 2026-01-08T12:34:46Z
Network: openweb
Published URL: https://breachforums.bf/Thread-SELLING-FR-561K-F%C3%A9d%C3%A9ration-Fran%C3%A7aise-Montagnes-Escalade
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/890eaf37-c374-4056-aee6-d95fcb802bdf.png
Threat Actors: HexDex2
Victim Country: France
Victim Industry: Sports
Victim Organization: french federation of mountaineering and climbing
Victim Site: ffme.fr
- lxrdk1773n targets the website of Department of Health
Category: Defacement
Content: The group claims to have defaced the website of Department of Health.
Date: 2026-01-08T12:19:29Z
Network: openweb
Published URL: https://defacer.id/mirror/id/224438
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/60d8815e-9cd6-4912-9144-7e23d9065976.JPG
Threat Actors: lxrdk1773n
Victim Country: Indonesia
Victim Industry: Government Administration
Victim Organization: department of health
Victim Site: hpc11.go.th
- Alleged data breach of French Bridge Federation
Category: Data Breach
Content: The threat actor claims to have breached 262,000 records belonging to the French Bridge Federation. The compromised data includes name, address, ID, email and more. The data was leaked on April 28, 2025.
Date: 2026-01-08T12:16:37Z
Network: openweb
Published URL: https://breachforums.bf/Thread-SELLING-FR-262K-F%C3%A9d%C3%A9ration-Fran%C3%A7aise-Bridge
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/572c4ea5-52fb-4fc1-9814-72f676592796.png
Threat Actors: HexDex2
Victim Country: France
Victim Industry: Sports
Victim Organization: french bridge federation
Victim Site: ffbridge.fr
- Alleged data breach of Avantages Jeunes
Category: Data Breach
Content: The threat actor claims to have breached 282,906 records belonging to Avantages Jeunes. The compromised data reportedly includes name, address, ID, email address, and additional information.
Date: 2026-01-08T12:14:14Z
Network: openweb
Published URL: https://breachforums.bf/Thread-SELLING-FR-AvantageJeunes-282K
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/a7e4776b-ce31-4ebb-9c8d-cff971a6ad85.png
Threat Actors: HexDex2
Victim Country: France
Victim Industry: Legal Services
Victim Organization: avantages jeunes
Victim Site: avantagesjeunes.com
- Alleged Unauthorised Access to an unidentified heating management system in the Czech Republic
Category: Initial Access
Content: The group claims to have gained unauthorised access to an unidentified heating management system in the Czech Republic. The compromised system allegedly controls heat sources such as boilers, gas valves, and pumps, ensuring the circulation of hot water and the efficient operation of the system. It monitors indoor temperatures, the required temperature, outdoor temperature, and the temperature in hot water tanks.
Date: 2026-01-08T12:07:58Z
Network: telegram
Published URL: https://t.me/n2LP_wVf79c2YzM0/3216
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/551f1f1b-e544-468e-8cbf-5e4effe50718.JPG
https://d34iuop8pidsy8.cloudfront.net/7865c348-7c53-4af4-af49-c63407189443.JPG
Threat Actors: Infrastructure Destruction Squad
Victim Country: Czech Republic
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
- Alleged data sale of French American Football Federation (FFFA)
Category: Data Breach
Content: The threat actor claims to be selling 59 MB of data from the French American Football Federation (FFFA), allegedly containing names, dates of birth, email addresses, countries, and more.
Date: 2026-01-08T11:56:25Z
Network: openweb
Published URL: https://breachforums.bf/Thread-SELLING-FR-200K-F%C3%A9d%C3%A9ration-Fran%C3%A7aise-Football-Am%C3%A9ricain
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/732979dc-d72c-470b-a9c7-261d2e0b420c.png
https://d34iuop8pidsy8.cloudfront.net/d5a68f77-996f-4690-8e6d-ee34e2ebd0ff.png
Threat Actors: HexDex2
Victim Country: France
Victim Industry: Sports
Victim Organization: french american football federation
Victim Site: fffa.org
- Alleged leak of Indonesian citizen PII data
Category: Data Breach
Content: The threat actor claims to have leaked the PII data of Timothy Ronald, an Indonesian citizen, allegedly containing his name, address, NIK, province, and other personal details.
Date: 2026-01-08T11:53:44Z
Network: openweb
Published URL: https://darkforums.io/Thread-DATABASE-Re-hello-Indonesian
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/7b5458cb-2999-4266-9484-f29c9be71bf1.png
Threat Actors: KX7
Victim Country: Indonesia
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
- Diparis targets the website of Integrated Foreign Trade Platform (Angola)
Category: Defacement
Content: The group claims to have defaced the website of Integrated Foreign Trade Platform (Angola).
Date: 2026-01-08T11:42:17Z
Network: openweb
Published URL: https://defacer.id/mirror/id/223128
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/4745813d-4556-44dc-99a5-109387cd3688.png
Threat Actors: diparis
Victim Country: Angola
Victim Industry: Government Administration
Victim Organization: integrated foreign trade platform
Victim Site: at.pice.gov.ao
- Diparis targets the website of Muara Enim Regency Government
Category: Defacement
Content: The group claims to have defaced the website of Muara Enim Regency Government.
Date: 2026-01-08T11:36:55Z
Network: openweb
Published URL: https://defacer.id/mirror/id/222911
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/8350903e-054f-4702-9606-3b6f28252170.png
Threat Actors: diparis
Victim Country: Indonesia
Victim Industry: Government Administration
Victim Organization: muara enim regency government
Victim Site: desa-gunungagung.muaraenimkab.go.id
- Diparis targets the website of AgroPortal
Category: Defacement
Content: The group claims to have defaced the website of AgroPortal (Kyrgyzstan).
Date: 2026-01-08T11:34:25Z
Network: openweb
Published URL: https://defacer.id/mirror/id/223143
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/fe32a784-41a2-4f38-a782-5723c90ed45a.png
Threat Actors: diparis
Victim Country: Kazakhstan
Victim Industry: Government Administration
Victim Organization: agroportal
Victim Site: portal.agrosmart.gov.kg
- 404 CREW CYBER TEAM targets the website of Gallagher Consulting Group Inc.
Category: Defacement
Content: The group claims to have defaced the website of Gallagher Consulting Group Inc.
Date: 2026-01-08T11:13:18Z
Network: telegram
Published URL: https://t.me/crewcyber/505
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/71a9c8e5-bb71-4faa-a12d-0329992fd0fc.JPG
Threat Actors: 404 CREW CYBER TEAM
Victim Country: USA
Victim Industry: Management Consulting
Victim Organization: gallagher consulting group inc.
Victim Site: gallagherinc.com
- TELSTAR CORPORATION falls victim to Qilin ransomware
Category: Ransomware
Content: The group claims to have obtained 194 GB of the organisation’s data.
Date: 2026-01-08T11:01:49Z
Network: tor
Published URL: http://ijzn3sicrcy7guixkzjkib4ukbiilwc3xhnmby4mcbccnsd7j2rekvqd.onion/site/view?uuid=bbf112b7-ebd3-38ab-8942-bf0dac31dcad
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/5dc41aa2-69f2-45fd-9271-a4c3b274f2ad.JPG
Threat Actors: Qilin
Victim Country: South Korea
Victim Industry: Mechanical or Industrial Engineering
Victim Organization: telstar corporation
Victim Site: telstar-hommel.com
- Hyfresh falls victim to Qilin Ransomware
Category: Ransomware
Content: The group claims to have obtained 240 GB of the organization’s data.
Date: 2026-01-08T10:58:03Z
Network: tor
Published URL: http://ijzn3sicrcy7guixkzjkib4ukbiilwc3xhnmby4mcbccnsd7j2rekvqd.onion/site/view?uuid=65d076c0-adba-3d45-874d-9e641a5d730d
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/a4a31e22-b55b-415c-ba5f-9deeb176c2bf.jpg
Threat Actors: Qilin
Victim Country: Malaysia
Victim Industry: Wholesale
Victim Organization: hyfresh
Victim Site: hyfresh.com.my
- Cressi falls victim to Qilin ransomware
Category: Ransomware
Content: The group claims to have obtained the organisation’s data.
Date: 2026-01-08T10:41:25Z
Network: tor
Published URL: http://ijzn3sicrcy7guixkzjkib4ukbiilwc3xhnmby4mcbccnsd7j2rekvqd.onion/site/view?uuid=2fa58507-6b0f-3f07-8eed-42d7b1c952e5
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/78e2993e-7ea1-4245-b1ef-7a16744d2db9.JPG
Threat Actors: Qilin
Victim Country: Italy
Victim Industry: Manufacturing
Victim Organization: cressi
Victim Site: cressi.com
- Alleged Unauthorised Access to the system in the Czech Republic
Category: Initial Access
Content: The group claims to have gained unauthorised access to an unidentified heating management system in the Czech Republic. The compromised system allegedly allows monitoring and control of the building’s heating system, including adjusting temperature settings manually via a digital control panel and viewing real-time operational data for each boiler, such as outdoor temperature, indoor room temperature, estimated outdoor temperature, and water temperature in the pipeline after the boiler.
Date: 2026-01-08T10:37:14Z
Network: telegram
Published URL: https://t.me/n2LP_wVf79c2YzM0/3211
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/33bddc02-3d4c-478e-bc43-8f2559d79206.JPG
https://d34iuop8pidsy8.cloudfront.net/78555e0b-cb40-4645-ac77-edeb8e78fe72.JPG
Threat Actors: Infrastructure Destruction Squad
Victim Country: Czech Republic
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
- Alleged data breach of ASI
Category: Data Breach
Content: The threat actor claims to have leaked 8.4 million data from ASI
Date: 2026-01-08T10:15:15Z
Network: openweb
Published URL: https://breachforums.bf/Thread-asi-fr-2024
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/8173650d-2a54-4db8-86a4-8b875c3f49d0.png
Threat Actors: Aimbot
Victim Country: France
Victim Industry: Information Technology (IT) Services
Victim Organization: asi
Victim Site: asi.fr
- Alleged Unauthorized Access to an Industrial HVAC Management System in the Czech Republic
Category: Initial Access
Content: The group claims to have accessed an HVAC management system at a large industrial facility in the Czech Republic, reportedly enabling control over temperature regulation, ventilation and airflow distribution, heating and cooling units, fans, thermal valves, and air disinfection modes used across production areas.
Date: 2026-01-08T09:23:37Z
Network: telegram
Published URL: https://t.me/n2LP_wVf79c2YzM0/3205
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/e33d15c3-6ea4-42ad-9b5c-54ee363a65b8.png
https://d34iuop8pidsy8.cloudfront.net/00fd1c08-3355-4ced-93ad-0d74c4ab3315.png
Threat Actors: Infrastructure Destruction Squad
Victim Country: Czech Republic
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
- Alleged Unauthorized Access to One Window Service Office (OWSO) Administrative Systems in Cambodia
Category: Initial Access
Content: The group claims to have accessed the centralized administrative service system of a One Window Service Office (OWSO) in Cambodia, reportedly gaining visibility into systems supporting residency registration, ID card issuance, nationality services, and other citizen and small-business administrative functions.
Date: 2026-01-08T09:21:07Z
Network: telegram
Published URL: https://t.me/EagleGodSEC/24
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/cc23a7c4-1bbb-4640-859c-5e6984249358.png
Threat Actors: EagleGodSEC
Victim Country: Cambodia
Victim Industry: Government Administration
Victim Organization: one window service office
Victim Site: owso.gov.kh
- Alleged data breach of Rucha Engineering Excellence
Category: Data Breach
Content: The threat actor claims to have breached data from Rucha Engineering Excellence.
Date: 2026-01-08T09:17:59Z
Network: openweb
Published URL: https://breachforums.bf/Thread-SOURCE-CODE-Rucha-Engineers-Data-Breach-Leaked-Download
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/0b1f6730-3bd7-451c-9cd8-d41c8588385f.png
https://d34iuop8pidsy8.cloudfront.net/20a07bd6-10f2-4184-a664-f83f969eae67.png
Threat Actors: 888
Victim Country: India
Victim Industry: Automotive
Victim Organization: rucha engineering excellence
Victim Site: rucha.co.in
- HonkSec targets the website of PTSN Vishwavidyalaya
Category: Defacement
Content: The group claims to have defaced the website of PTSN Vishwavidyalaya.
Date: 2026-01-08T09:09:36Z
Network: openweb
Published URL: https://defacer.id/mirror/id/224436
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/bc706954-c18b-4e73-a130-907469943839.JPG
Threat Actors: HonkSec
Victim Country: India
Victim Industry: Information Technology (IT) Services
Victim Organization: ptsn vishwavidyalaya
Victim Site: ptsnsuonline.com
- Infrastructure Destruction Squad claims to target hospitals in Czech Republic
Category: Alert
Content: A recent post by the group indicates that they’re targeting hospitals in the Czech Republic.
Date: 2026-01-08T09:09:14Z
Network: telegram
Published URL: https://t.me/n2LP_wVf79c2YzM0/3204
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/7ab89e0d-df6f-428f-9aeb-48a8bf581d8e.jpg
Threat Actors: Infrastructure Destruction Squad
Victim Country: Czech Republic
Victim Industry: Hospital & Health Care
Victim Organization: Unknown
Victim Site: Unknown
- Alleged data breach of Grupo Red Salud
Category: Data Breach
Content: The group claims to have breached the data of Grupo Red Salud, allegedly including files and documents containing personal customer data (PII) and other important data.
Date: 2026-01-08T08:19:35Z
Network: telegram
Published URL: https://t.me/Frontier_channel/232
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/28ca09c0-ae0a-4497-b1ef-f4f3521b917b.JPG
Threat Actors: FRONTIER
Victim Country: Peru
Victim Industry: Insurance
Victim Organization: grupo red salud
Victim Site: gruporedsalud.com
- Alleged leak of Indonesian citizen PII data
Category: Data Breach
Content: The threat actor claims to have leaked the PII data of Nadiem Anwar Makarim, an Indonesian citizen, allegedly containing his name, address, NIK, province, and other personal details.
Date: 2026-01-08T08:14:15Z
Network: openweb
Published URL: https://darkforums.io/Thread-DATABASE-Re-NADIEM-ANWAR-MAKARIM
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/ca1813c8-e8ee-440f-b4d7-6fbad2e25f21.png
Threat Actors: KX7
Victim Country: Indonesia
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
- WOLF CYBER ARMY targets the website of KangBagus.com
Category: Defacement
Content: The group claims to have defaced the website of KangBagus.com
Mirror: https://defacer.id/mirror/id/224461
Date: 2026-01-08T07:49:58Z
Network: telegram
Published URL: https://t.me/c/2670088117/412
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/d00d21be-8fe3-42e4-ba7d-a62c41e51c34.png
Threat Actors: WOLF CYBER ARMY
Victim Country: Indonesia
Victim Industry: Gambling & Casinos
Victim Organization: kangbagus.com
Victim Site: kangbagus.com
- Alleged access to unidentified surveillance cameras in the USA
Category: Initial Access
Content: The group claims to have gained unauthorized access to unidentified surveillance cameras in the USA.
Date: 2026-01-08T07:21:17Z
Network: telegram
Published URL: https://t.me/Golden_falcon_team/587
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/6a52bc1e-aae5-424a-8fe2-ee439017b9af.jpg
Threat Actors: Golden falcon
Victim Country: USA
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
- Alleged sale of 1200 CCs from Unidentified Hotel in Spain
Category: Data Breach
Content: The threat actor is offering to sell 1200 credit card records allegedly obtained from a hotel in Spain. The seller claims first-hand access, with the data linked to European cardholders and including standard card and holder details.
Date: 2026-01-08T05:03:26Z
Network: openweb
Published URL: https://forum.exploit.in/topic/273350/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/14956646-821e-459a-8d6b-e1f487e9c0fe.png
Threat Actors: s4sori
Victim Country: Spain
Victim Industry: Hospitality & Tourism
Victim Organization: Unknown
Victim Site: Unknown
- Alleged Access to Wuhan University of Technology
Category: Initial Access
Content: The group claims to have gained access to Wuhan University of Technology
Date: 2026-01-08T04:53:40Z
Network: telegram
Published URL: https://t.me/HackShyen/9
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/c43b819d-5f7c-48d9-b95d-8f807cfe1b04.png
Threat Actors: HackShyen
Victim Country: China
Victim Industry: Higher Education/Academia
Victim Organization: wuhan university of technology
Victim Site: whut.edu.cn
- Alleged Breach of OpenLoop Health
Category: Data Breach
Content: The threat actor claims to have leaked data from OpenLoop Health. The compromised data reportedly contains 1.6 million patient records, including full names, email addresses, phone numbers, physical addresses, dates of birth, and IP addresses.
Date: 2026-01-08T04:43:14Z
Network: openweb
Published URL: https://breachforums.bf/Thread-SELLING-OpenLoopHealth-United-States-1-6M-Patients
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/36fc6d2f-a1d3-46c4-b85d-81cbe28fa239.png
Threat Actors: stuckin2019
Victim Country: USA
Victim Industry: Hospital & Health Care
Victim Organization: openloop health
Victim Site: openloophealth.com
- Alleged Data Breach of THE STATE COUNCIL OF THE PEOPLE’S REPUBLIC OF CHINA
Category: Data Breach
Content: The threat actor claims to be leaking a database of 1.2 billion Chinese citizen records, described as a full real-name registry compiled between 2016 and 2024. The dataset allegedly contains names, national IDs, phone numbers, addresses, dates of birth, GPS coordinates, and residence registration data. The actor claims the data originates from china.gov.cn–related systems, indicating potential exposure of government-linked infrastructure.
Date: 2026-01-08T04:38:34Z
Network: openweb
Published URL: https://leakbase.la/threads/china-citizen-database-1-2b-records-with-names-ids-gps-mobile.48021/
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/88301def-f83f-4c6e-8a33-1800d403b94a.png
Threat Actors: show_more
Victim Country: China
Victim Industry: Government Administration
Victim Organization: the state council of the people’s republic of china
Victim Site: china.gov.cn
- PhantomSec1337 targets the website of D and D Custom Solutions
Category: Defacement
Content: The group claims to have defaced the website of D and D Custom Solutions
Date: 2026-01-08T04:27:19Z
Network: openweb
Published URL: https://defacer.id/mirror/id/224406
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/e5cf4a25-cf38-462f-9ead-341e9f84dd13.png
Threat Actors: PhantomSec1337
Victim Country: USA
Victim Industry: Building and construction
Victim Organization: d and d custom solutions
Victim Site: dndcustomsolutionsms.com
- Applied LNG falls victim to Black Nevas Ransomware
Category: Ransomware
Content: The group claims to have obtained the organization’s data.
Date: 2026-01-08T04:03:39Z
Network: tor
Published URL: http://ctyfftrjgtwdjzlgqh4avbd35sqrs6tde4oyam2ufbjch6oqpqtkdtid.onion/publications/details/ece05613-086b-49db-a756-cc2e4f20bb89
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/7de52c80-37dc-4fd5-a82e-782f50f0f36f.png
https://d34iuop8pidsy8.cloudfront.net/2bd47428-d4bf-4cba-bdf8-b7dc2da0be80.png
https://d34iuop8pidsy8.cloudfront.net/84e86aae-2aa7-4556-98d4-b7fd22c77e8f.png
https://d34iuop8pidsy8.cloudfront.net/fe333d20-7385-4b54-a051-7c2c7d9fe3df.png
Threat Actors: Black Nevas
Victim Country: USA
Victim Industry: Oil & Gas
Victim Organization: applied lng
Victim Site: appliedlng.com
- PhantomSec1337 targets the website of B and K Hardwood Floor
Category: Defacement
Content: The group claims to have defaced the website of B and K Hardwood Floor
Date: 2026-01-08T03:54:30Z
Network: openweb
Published URL: https://defacer.id/mirror/id/224404
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/8b513008-5401-46da-80a6-df25c6d982b6.png
Threat Actors: PhantomSec1337
Victim Country: USA
Victim Industry: Building and construction
Victim Organization: b and k hardwood floor
Victim Site: bkhardwoodfloor.com
- SCHNEIDER PROTOTYPING INDIA PVT. LTD falls victim to BlackShrantac Ransomware
Category: Ransomware
Content: The group claims to have obtained 1TB of the organization’s data. The data includes human resources and account data, financial data, etc.
Date: 2026-01-08T03:54:24Z
Network: tor
Published URL: http://jvkpexgkuaw5toiph7fbgucycvnafaqmfvakymfh5pdxepvahw3xryqd.onion/targets/41
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/ca4f9497-4e0d-4230-b9c2-a85b1391d941.png
https://d34iuop8pidsy8.cloudfront.net/092dbe4a-db9d-4727-a47f-e9e8cd7465a5.png
https://d34iuop8pidsy8.cloudfront.net/5ba77088-4022-49c7-a14e-ca3d047a7660.png
Threat Actors: BlackShrantac
Victim Country: India
Victim Industry: Computer Software/Engineering
Victim Organization: schneider prototyping india pvt. ltd
Victim Site: si-smart.net
- National Water Authority falls victim to BlackShrantac Ransomware
Category: Ransomware
Content: The group claims to have obtained 2 TB of the organization’s data.
Date: 2026-01-08T03:53:22Z
Network: tor
Published URL: http://jvkpexgkuaw5toiph7fbgucycvnafaqmfvakymfh5pdxepvahw3xryqd.onion/targets/40
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/9e5e3f17-c0b0-45ed-92b2-63042c70d56b.png
https://d34iuop8pidsy8.cloudfront.net/20660a81-0999-496f-99dc-f38381752107.png
Threat Actors: BlackShrantac
Victim Country: Peru
Victim Industry: Government Administration
Victim Organization: national water authority
Victim Site: ana.gob.pe
- Alleged data leak of Ciputra‑owned private university network in Indonesia
Category: Data Breach
Content: The threat actor claims to have leaked data from a Ciputra-owned private university network in Indonesia. The compromised data reportedly contains 20,573 student records, including usernames, passwords, full names, birth dates, gender, religion, nationality, email addresses, and phone numbers.
Date: 2026-01-08T03:42:32Z
Network: openweb
Published URL: https://darkforums.io/Thread-Selling-Students-of-private-university-network-owned-by-Ciputra-in-Indonesia
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/d648b7f5-d0a6-4636-a403-2ff04a3e3ad8.png
Threat Actors: femboy
Victim Country: Indonesia
Victim Industry: Education
Victim Organization: Unknown
Victim Site: Unknown
- PhantomSec1337 targets the website of Black Flag Construction
Category: Defacement
Content: The group claims to have defaced the website of Black Flag Construction
Date: 2026-01-08T03:17:35Z
Network: openweb
Published URL: https://defacer.id/mirror/id/224403
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/81056a6d-6837-4a10-b1aa-f489fddaf18b.png
Threat Actors: PhantomSec1337
Victim Country: USA
Victim Industry: Building and construction
Victim Organization: black flag construction
Victim Site: blackflagconstruction.com
- CyberOprationCulture targets the website of Para Service
Category: Defacement
Content: The group claims to have defaced the website of Para Service
Date: 2026-01-08T02:53:43Z
Network: telegram
Published URL: https://t.me/c/3421269527/34
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/1ac7c81a-577e-4336-834f-318379c99d39.png
Threat Actors: CyberOprationCulture
Victim Country: Iran
Victim Industry: Consumer Electronics
Victim Organization: para service
Victim Site: paraserviceco.com
- PhantomSec1337 targets the website of Brother Flooring Contractor
Category: Defacement
Content: The group claims to have defaced the website of Brother Flooring Contractor
Date: 2026-01-08T02:45:21Z
Network: openweb
Published URL: https://defacer.id/mirror/id/224405
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/9a09cc20-1729-4bfb-b207-e1d104206435.png
Threat Actors: PhantomSec1337
Victim Country: USA
Victim Industry: Building and construction
Victim Organization: brother flooring contractor
Victim Site: brotherflooringcontractor.com
- PhantomSec1337 targets the website of B & B Carpentry Inc
Category: Defacement
Content: The group claims to have defaced the website of B & B Carpentry Inc
Date: 2026-01-08T01:46:42Z
Network: openweb
Published URL: https://defacer.id/mirror/id/224402
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/ee8407ad-4ef8-49cd-84dd-2dbba56202e5.png
Threat Actors: PhantomSec1337
Victim Country: USA
Victim Industry: Building and construction
Victim Organization: b & b carpentry inc
Victim Site: bandbcarpentryincma.com
- Alleged sale of Twitch account cookies
Category: Data Breach
Content: The threat actor claims to be selling Twitch account cookies.
Date: 2026-01-08T01:16:17Z
Network: openweb
Published URL: https://breachforums.bf/Thread-COLLECTION-TWITCH-ACCOUNT-COOKIE
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/54c0cf90-efa6-49ff-b778-09f63d069e7e.png
Threat Actors: Bytefalco
Victim Country: Unknown
Victim Industry: Unknown
Victim Organization: twitch
Victim Site: twitch.tv
- Alleged data leak of Indian students data
Category: Data Breach
Content: Threat actor claims to have leaked data of Indian students. The compromised data includes UserID, UserFirstName, FirstName, UserProfileImage, UserCoverPhoto, UserLastName, UserEmail, UserContactNo, UserPassword, UserAuthorizationToken, UserAccountActivationToken, UserGender, UserLocationName, UserCityName, Country, etc.
Date: 2026-01-08T01:00:14Z
Network: openweb
Published URL: https://darkforums.io/Thread-DATABASE-INDIAN-students-data
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/0c3bcfc4-a514-4474-bc78-0789f636f3d9.png
Threat Actors: crazyboy68
Victim Country: India
Victim Industry: Unknown
Victim Organization: Unknown
Victim Site: Unknown
- Alleged data breach of Lacoste S.A.
Category: Data Breach
Content: The threat actor claims to have leaked 12200 lines of source code and a Windows host file from Lacoste S.A.
Date: 2026-01-08T00:56:34Z
Network: openweb
Published URL: https://breachforums.bf/Thread-LACOSTE-DATA-S
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/5708a23d-9883-4f99-a4f0-fdd8ca43a7a5.png
Threat Actors: LAPSUS-GROUP
Victim Country: France
Victim Industry: Fashion & Apparel
Victim Organization: lacoste s.a.
Victim Site: lacoste.com
- Alleged data breach of INPI
Category: Data Breach
Content: The threat actor claims to have leaked data from INPI. The compromised data reportedly contains 26 million records of company information and 6.5 million records of financial reports, including company registrations and identifiers, legal status and modifications, annual financial reports, and business activity classifications.
Date: 2026-01-08T00:50:02Z
Network: openweb
Published URL: https://breachforums.bf/Thread-FR-180GB-26M-French-Company
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/3492c1f5-5722-4173-a0a8-53977dc7be3c.png
https://d34iuop8pidsy8.cloudfront.net/72dcb4fa-b0a1-47a8-8861-9d4f932696e8.png
Threat Actors: HexDex2
Victim Country: France
Victim Industry: Other Industry
Victim Organization: inpi
Victim Site: inpi.fr
- Alleged data leak of Hanarologis
Category: Data Breach
Content: The threat actor claims to have leaked data from Hanarologis. The compromised data reportedly includes usernames, passwords, IP addresses, and registration dates.
Date: 2026-01-08T00:20:37Z
Network: openweb
Published URL: https://darkforums.io/Thread-DATABASE-New-Leak-in-South-Korea-Database-hanarologis-co-kr%E2%AD%90%EF%B8%8F
Screenshots:
https://d34iuop8pidsy8.cloudfront.net/ef43f484-93af-43f2-b433-c3d66d9ace4c.png
Threat Actors: AshleyWood2022
Victim Country: South Korea
Victim Industry: E-commerce & Online Stores
Victim Organization: hanarologis
Victim Site: hanarologis.co.kr