A threat actor, Chucky, has purportedly leaked the database of Banregio, a well-established commercial banking institution founded in 1994 and headquartered in Mexico. Banregio primarily caters to small and medium-sized companies, offering a range of financial services including business loans, leasing, factoring, and working capital loans.
According to the threat actor, access to the control panel was obtained due to malfunctions and errors, which facilitated the export of all project attachments, resulting in data being stored in HTML format with accompanying screenshots. The leaked data reportedly encompasses various administrative panels, FTP access credentials, server log files, and more. With such access, malicious actors could potentially exploit the information to locate admin panels of Banregio’s clients, as well as databases and other sensitive resources. The size of the leaked data is estimated to be 340 MB, comprising file types such as DOC, XLSX, CSV, SQL, and HTML.