STC Kuwait, a major telecommunications provider in the country, has allegedly suffered a significant data breach. A threat actor has posted on a dark web forum claiming to be in possession of sensitive personal information belonging to over 300 employees of the company. STC Kuwait, a subsidiary of the stc Group, is a key player in the nation’s digital infrastructure, providing mobile, internet, and integrated ICT solutions to a wide range of customers since its establishment in 2008.
The seller on the forum claims the stolen database is particularly useful for “Know Your Customer” (KYC) verification processes, suggesting the data could be exploited for identity theft and other fraudulent activities. To substantiate their claims, the individual posted several samples of the compromised information, including screenshots of internal documents and a partial list of the affected employees. The leak allegedly exposes highly sensitive and personal employee records.
The compromised data allegedly includes the following:
- Employee Civil ID numbers and pictures
- Full names
- Employee phone numbers
- Job titles
