Brazilian financial company AGX Financeira is allegedly the latest victim of a significant data breach. A threat actor has posted on a forum claiming to have exfiltrated a massive database belonging to the company, which specializes in providing home equity loans to its customers. The seller is asking for $1,500 for the data, which is said to originate from a complete dump of the company’s MySQL server, totaling over 8 GB and encompassing 78 data tables. The potential exposure of such sensitive financial and personal information places millions of Brazilian citizens at risk of fraud and identity theft.
The scale of the alleged breach is substantial. The perpetrator claims the database contains the personal information of a vast number of individuals. The compromised data allegedly includes highly sensitive details that could be used for malicious purposes. The seller highlights the presence of millions of unique records, painting a grim picture of the potential fallout from this incident for the clients of AGX Financeira.
The leaked data allegedly includes a wide array of personally identifiable information (PII). Among the compromised data points are:
- Phone Numbers: Over 10.7 million unique entries.
- CPF (Cadastro de Pessoas Físicas): Over 3.8 million unique Brazilian taxpayer ID numbers.
- Email Addresses: 1.2 million unique addresses.
- Full Names
- Dates of Birth
- Sex
