'Excrement' delivery service that ships worldwide has been breached.

A total of 22 breaches were found and analysed resulting in 22,559,432 leaked accounts containing a total of 20 different data types. The breaches found publicly and freely available included Aptoide (2), CafeMom, GE.TT, gPotato and Banorte.. Sign in to view the full BreachAware Breach Index which includes, where available, reference articles relating to each breach.

SPOTLIGHT

Unfortunately, an 'excrement' delivery service which has been operating since 2014, was breached. The site offers users the choice of which type of excrement to send, from horse to pig excrement. Shipping world-wide and also accepting bitcoin, meaning users can send sh*t with anonymity. The actual breach consists of a variety of datasets and thousands of unique email addresses.

A professional looking Icelandic payment site's data caused a bit of a debate within the team, the site allows users to send money globally with low fees and a choice of currencies, including crypto. During our investigation, we came across a financial review site which shone some light on several things. The lack of SSL certification, that the website's was 6 months old, and the website traffic being almost null.

Perhaps this was a well-crafted scam page, or perhaps our paranoia got the better of us. Browser and device information, along with email addresses, were just some of the credentials which are now circulating.

And finally, a Mexican banking services company has been breached after having an altercation with a threat actor online. When they ordered him or her to take down some content that was connected to the company, they sighted financial and reputational risk. It doesn’t look like the threat actor was the cause of the breach but bought it from another and dumped it online for free. Millions of email addresses, along with physical addresses, were in the data breach, as well as mobile phone numbers.