A threat actor has claimed responsibility for leaking the database of Dibcase, a cloud-based software platform specifically designed for Social Security practitioners, attorneys, and disability advocates. The alleged breach, which occurred in September 2024, includes over 4 million rows of sensitive data from Dibcase.
The leaked data includes detailed client notes, as evidenced by the structure shared by the threat actor:
- NOTE_ID
- Client References
- Note Texts and Dates
- Billing Information
- Invoice Details
- Responsible Parties
The data breach was reportedly carried out by a threat actor going by the name “Chucky.” The threat actor has shared the database structure and claims that sensitive information has been exposed, affecting numerous legal practitioners and their clients.