SOCRadar® Cyber Intelligence Inc. | The Week in Dark Web – 20 September 2022 – Data Leaks


Sep 20, 2022
3 Mins Read

The Week in Dark Web – 20 September 2022 – Data Leaks

Powered by DarkMirror™

Last week, threat actors continued selling leaked government and private organizations’ databases. The most notable leaks are about the Indonesian government. These leaks seem like a part of the cyber-attack series targeting the country. Here is a wrap-up of the last week’s dark web incidents.

Find out if your data has been exposed on the deep web.

Receive a Free Deep Web Report for Your Organization

Database of a Chinese Pharma Company is Leaked 

On 15 September, a hacker forum monitored by SOCRadar Analysts shared a 6gb+ database sale. The victim is a Chinese high-tech biopharmaceutical company. The leaked database includes sensitive information like credit credentials, personal information, and healthcare records. The data represents 100.000 donors’ information.

Russian Website Manager is Hacked 

SOCRadar Analysts have found a post on a dark web forum that shares 5.3 GB of stolen data from a website manager in Russia. The attacker claims the manager let them access hundreds of domains. The Leak File includes domain source code and databases.

Indonesia Ministry of Internal Affairs’ Database is Leaked 

On 15t September, a post came to the attention of SOCRadar Analysts. The post’s creator claims they have a database containing Indonesian Citizen’s personal information. The vendor shares a Telegram account to sell the database.

Indonesia Ministry of Health’s Database is Leaked 

On 14 September 2022, an announcement was posted in a hacker forum that the SOCRadar keeps an eye on. The post is about a leaked database covering a few ministry sub-domains. The vendor shares all the data for free.

Iranian Citizen Database Leaked 

On 13 September, a notice for selling a new database of an Iranian Citizenship portal. The leak contains 69 million citizens’ information, including name, phone number, id, location, gender, and age.

Powered by DarkMirror™

Gaining visibility into deep and dark web threats can be extremely useful from an actionable threat intelligence and digital risk protection perspective. However, monitoring all sources is simply not feasible, which can be time-consuming and challenging. One click-by-mistake can result in malware bot infection. To tackle these challenges, SOCRadar’s DarkMirror™ screen empowers your SOC team to follow up with the latest posts of threat actors and groups filtered by the targeted country or industry.