Weekly Summary

2,990,393 leaked accounts discovered by the BreachAware® Research Team last week.

24 April 2023

A total of 16 breaches were found and analysed, resulting in 2,990,393 leaked accounts containing a total of 23 different data types. The breaches found publicly and freely available included Viva Air (2), Stealer - Mixed logs 0296, OGUsers (2022 Breach), Pure Cars and Doll Beauty. Sign in to view the full BreachAware Breach Index which includes, where available, reference articles relating to each breach.


A Brazilian wholesale mobile phone insurance provider has had a terrible week. What appears to be their entire website, inside and out, has been dumped online. The dump includes everything from their user base and source code to the private certificate files for their server. The company has clients such as Motorola and Amazon and boasts of its "advanced screening technology". This type of data breach could have knock-on effects on businesses around the world that sell mobile devices with device protection plans. Brazilian consumers, especially, should be on the lookout for that classic "parcel couldn’t be delivered" text message.

A sex shop based in Belgium has also suffered a data breach. Interestingly, the data contains a folder holding several files of messages sent to users of the site. It seems that the hacker was attempting to blackmail users by claiming to have installed malicious software on their computers, which then extracted their search history and secretly recorded them via their webcams.

The hacker goes on to say that he/she has recordings and images of the user, the type of stuff that most people wouldn’t want shared with the public, and will post it all over the internet unless the victim pays up. A bitcoin address was supplied, allowing the victim to pay a couple hundred bucks to avoid this misfortune. We checked a couple of the bitcoin addresses, and they had never had any transactions in or out, so it seems that victims didn’t pay or the attack was just a lie.


Forget the EU’s fight against cash and cryptocurrencies: it seems they have also inadvertently branched out into the distribution of malware. Intel pointed out, in a post to a well-informed cyber message board, that an official domain of the EU is enticing people via a link to download a free copy of the latest John Wick IV Film...

The URL links to a PDF that directs users to click another link that claims to be the film. But it seems the EU has shown itself as the 'boogeyman', because the promised free download is actually malware. We hope the issue is addressed immediately; a threat actor could have potentially compromised the domain or been able to upload files via a compromised admin account.


Microsoft recently announced they are changing the way they name and label (taxonomy) threat groups. Whilst the new names are somewhat challenging to take seriously, there seems to be a methodology behind the new conventions, with a weather event or family name representing one of the 5 categories they have identified. For example, Americium now becomes 'Pink Sandstorm' whilst Zirconium becomes 'Violet Typhoon.'

The Scottish police have gone ahead with a digital evidence sharing system pilot despite concerns that the system could not fully comply with specific data protection requirements for UK law enforcement bodies. According to Computer Weekly, the concerns were flagged by the Scottish Police Authority (SPA), and the suppliers concerned have known for at least 2 years, but no action was taken.


Contact Data, Technical Data, Financial Data, Transactional Data, Social Relationships Data, Locational Data, Socio-Demographic Data, Communications Data, Behavioural Data, Usage Data, Documentary Data, National Identifiers.