Optic 2000 Allegedly Targeted: Invoice Files, Franchise Data, and Customer Records Exposed
A threat actor on an underground forum is claiming to have leaked a database allegedly belonging to Optic 2000, a French optical retail and eyewear brand.
Dark Web Informer - Cyber Threat Intelligence
Chilean Fire Department System Allegedly Breached: VIPER Platform Records and Internal Documents Exposed
A threat actor on an underground forum is claiming to have compromised VIPER, an integrated management platform allegedly used by Chilean fire departments.
WisERP Allegedly Targeted: 1.5M U.S. ERP Customer Records Advertised in Auction
A threat actor on an underground forum is claiming to auction a customer database allegedly belonging to WisERP, a smart ERP solutions provider for modern businesses.
Pakistani Government Agencies Allegedly Targeted in Multi-Department Personnel Database Leak
A threat actor on an underground forum is claiming to share database entries allegedly tied to multiple Pakistani government agencies.
CVE-2026-48172: Critical LiteSpeed cPanel Plugin Flaw Exploited for Privilege Escalation
LiteSpeed User-End cPanel Plugin privilege-escalation vulnerability reportedly exploited in the wild, with potential root-level impact on affected hosting servers.
Hillpointe Allegedly Targeted: 2.5M U.S. Housing Development Customer and Employee Records Leaked
A threat actor on an underground forum is claiming to leak customer and employee data allegedly belonging to Hillpointe, a U.S. housing development and property management company.
Daily Dose of Dark Web Informer - May 21st, 2026
This daily article is intended to make it easier for those who want to stay updated with my regular Dark Web Informer and X/Twitter posts.
ATOA allegedly exposed: 23,685 fintech records and 326 KYC document archives
ATOA has been named in a forum leak post involving an alleged database exposure with user, wallet, transaction, instalment, KYC, contact, and invoice records.
Mexican Citizenship Document Service Advertised on Underground Forum
A threat actor is advertising an alleged Mexican citizenship and passport document service, claiming to provide officially verified identity documents through in-person collection at government offices.
Perumda Tirta Musi Palembang Alleged Customer Database Sale: 437K+ Utility Records Advertised
Perumda Tirta Musi Palembang has been named in a forum sale listing involving an alleged water utility customer database exposure.
Uruguay DNIC allegedly leaked: 5.8M citizen database records exposed
A forum actor claims to have shared a Uruguay DNIC citizen database containing more than 5.8 million records.
Canada Beauty Salon database shared: 1M+ business lead records posted from beauty and cosmetics sector
A forum user claims to have shared a large business lead database focused on beauty salons, cosmetics businesses, and related personal care services across Canada and international regions.
Watiqa.ma allegedly breached: 695K Moroccan civil document platform records exposed
A threat actor claims to have leaked a full database dump tied to Watiqa.ma, Morocco’s government electronic platform for requesting civil status documents.
Nirvasa allegedly breached: 3.5K healthcare platform user records advertised for sale
A threat actor claims to be selling data tied to Nirvasa, an Indian digital healthcare platform focused on primary care, personalized treatment, and patient services.
Daily Dose of Dark Web Informer - May 18th, 2026
This daily article is intended to make it easier for those who want to stay updated with my regular Dark Web Informer and X/Twitter posts.
Indonesian LSP Certification Databases Allegedly Leaked: 20+ Professional Certification Institute Datasets Exposed
A threat actor claims to be publishing additional databases tied to Indonesian Professional Certification Institutes (LSP), alleging that more than 20 LSP datasets have been obtained and are being released as part of an ongoing extortion-driven leak campaign.
DPMPTSP Kabupaten Belu Allegedly Breached: 12.3K+ Business Licensing and Investment Service Records Leaked
A threat actor claims to have leaked a database tied to Dinas Penanaman Modal dan Pelayanan Terpadu Satu Pintu Kabupaten Belu (DPMPTSP), the Indonesian local government agency responsible for investment services and integrated business licensing in Belu Regency.
Perm National Research Polytechnic University Allegedly Breached: 362K Internal Student Research System Records Leaked
A threat actor claims to have leaked a complete database dump tied to Perm National Research Polytechnic University, a major technical university in Russia, from an internal accounting and monitoring system used for student research work.
Stych Allegedly Breached: 1.34M Customer Database Entries Exposed from French Mobility Service Records
A threat actor claims to be selling a fresh database dump linked to Stych, a French driving school and mobility training platform.
Auchan Allegedly Breached: 1.29M Customer Database Entries Exposed from French Retail Records
A threat actor claims to be selling a fresh database dump linked to Auchan, the French multinational retail group.
A real-time cyber threat intelligence platform that monitors the dark web and clearnet for data breaches, ransomware campaigns, darknet market activity, leaked databases, and active threat actors.