A threat actor has listed a database for sale allegedly belonging to AIESEC Canada, a prominent non-profit organization that provides young people with leadership development and cross-cultural exchange opportunities.
The actor claims the database contains over 158,000 rows of user information exported from the aiesec.ca domain.
The threat actor claims the dataset includes 136,000 unique email addresses and 99,000 unique phone numbers. According to the provided sample, the allegedly compromised data includes extensive personally identifiable information (PII):
-
Full names
-
Email addresses
-
Phone numbers (mobile, home, etc.)
-
Birthdates
-
Mailing addresses
-
Gender
-
University and “Area of Study” details
-
Account and Contact IDs
-
Internal user information (e.g., “Role,” “Department”)












