A threat actor has made serious allegations about a potential breach of the PAJ GPS database, a brand known for its GPS tracking devices used globally to track people, vehicles, and assets. The alleged breach reportedly involves sensitive data of users and companies, including device location information, personal data, and access credentials.
The threat actor claims to have access to 26,120 lines of data, which they describe in detail. The data purportedly includes a range of personally identifiable information (PII) such as names, email addresses, street addresses, and company details, along with sensitive GPS tracking data like maps and routes. The post also alleges that access to the administrative panel of the PAJ GPS system has been obtained, which would give unauthorized users full control over device management and monitoring.
The leaked dataset allegedly contains data from global companies, with devices tracking high-value assets, including sports cars, boats, vans, and bicycles. Alongside this data, the threat actor shared cracked password hashes and images showing access to the admin panel, user management tools, and live maps of user accounts.
They have also provided contact details via TOX and Telegram for interested parties.
