A threat actor claims to have breached and is selling a database belonging to Ustundag Turizm, a company operating in the tourism sector in Turkey. The actor posted the database for sale on a dark web forum, asking for $10,000 in Monero (XMR).
According to the threat actor, the compromised database contains a significant amount of personally identifiable information (PII). The data types allegedly exposed include:
- Full names (MEMBERNAME, MEMBERSURNAME)
- Email addresses
- Physical addresses
- Passwords
- Turkish National ID numbers (TCNUMBER)
- Dates of birth
- Phone numbers (CEPNUMBER, TELEPHONE1, TELEPHONE2)
- Gender
- Nationality
