A threat actor has listed a significant data breach for sale on a dark web forum, targeting the Indian-based company Carehands. According to the post, the company operates in home care, placement services, medical tourism and tours & travels sectors.
The offering, priced at $2,100, includes access to a database containing sensitive information of 1.3 million clients. The breach, dated August 17, 2024, exposes client data from Carehands’ integrated businesses, which range from home care services to medical tourism and travel.
The compromised files, available in CSV format, reportedly include documents, lead imports, resumes, and various types of notes, all tied to Carehands’ operations. The threat actor also included a sample from the alleged leak.