A threat actor has surfaced claiming to sell unauthorized access to the database of a major Italian Internet Service Provider (ISP), obtained through an SQL injection vulnerability. This access allegedly compromises critical data from 20 different databases.
The databases include “clienti,” “information_schema,” “n2q_gest,” and others that have been redacted to avoid detection by the victim. The list also features “clienti_solopec,” “dev1,” “dns,” “gest,” “ipplan,” “ldap,” “monitor,” “phpmyadmin,” “policyd,” “policyd2,” “postfix,” “roundcube,” “roundcube_wisp,” and “webcam.” The threat actor claims this database is the main one used by the entire ISP, highlighting the severity of the breach.