A threat actor has allegedly breached and is now selling a massive database belonging to Servicio de Agua y Drenaje de Monterrey, I.P.D. (AyD). The victim is a major public company responsible for providing essential water, drainage, and sewage services to millions of citizens in the Mexican state of Nuevo Leon. The data is being offered for sale on a dark web forum, posing a significant risk to the residents who rely on this critical public utility.
The threat actor claims to have obtained over 790 GB of data, encompassing 1.9 million lines of user information. The compromised data allegedly includes highly sensitive personal and financial details. The advertisement highlights the potential for misuse, such as identity theft, financial fraud, and other malicious activities, given that consumption receipts are often used as proof of address. The allegedly leaked information includes:
- 🇲🇽 Servicio de Agua y Drenaje de Monterrey, I.P.D.: A public company that manages water and sewage services for millions of citizens in Nuevo Leon, Mexico.
- Official consumption receipts
- Full names
- Addresses
- Fiscal data
- Consumption information
In addition to selling the database for a relatively low price, the cybercriminal has also issued a direct extortion demand to the government of Nuevo Leon. They are demanding a payment of $10,000 in cryptocurrency within a one-week deadline to prevent the widespread sale and distribution of the citizens’ private information. The threat actor also boasts that the public company’s system is “vulnerable by design,” suggesting that further exploitation could be possible.
