Urbaner, a prominent last-mile logistics and delivery company based in Peru, has allegedly suffered a significant data breach. The company, which provides crucial delivery solutions for e-commerce, marketplaces, and corporate clients by managing package pickup and final delivery, is a key intermediary between sellers and customers in the region. A threat actor has claimed on a dark web forum to be in possession of a complete database dump from the company, impacting approximately 60,000 users.
The compromised data allegedly includes a wide range of sensitive information from internal user accounts, employees, clients, and administrators. According to the post, the leaked database contains encrypted passwords, though the specific hashing algorithms ( and a wrapped ) were disclosed. The exposure of such detailed information, including staff and superuser access flags, could pose a serious security risk, potentially leading to targeted phishing campaigns, identity theft, and further unauthorized access to corporate systems.
The leaked database fields allegedly include:
- Created At
- Date Joined
- Deleted
- First Name
- ID
- Is Active
- Is Staff
- Is Superuser
- Last Login
- Last Name
- Password
- Updated At
- Report Filename
