A threat actor known as @IntelBroker has claimed responsibility for a significant data breach involving Mykukun, a company that collaborates with major banks and financial institutions such as NYK, SOFI, and USBank. The breach, reportedly executed in August 2024, predominantly affects USBank members.
Details of the Alleged Breach:
- Compromised User Data Fields:
- User ID
- Username
- Source User ID
- User Email
- First and Last Names
- Screen Name
- Address
- Zip Code
- Profile Images and Avatars
- Phone Numbers (including mobile)
- Additional Information
- Activation Key
- User Status
- Phone Validation Status
- Registration and Verification Dates
- Application Details
- Account Activity Status
- Creation and Update Metadata
- Total Records Compromised: Approximately 2.7 million lines of user data.
The threat actor has made the alleged breached database available for download, emphasizing that the majority of the compromised information pertains to USBank members. This breach, if authenticated, could have far-reaching implications for the affected individuals and institutions.
