A threat actor has allegedly posted a significant trove of data for sale on a dark web forum, claiming it belongs to the clients of Vistra Group, a prominent global provider of corporate, trust, and fund administration services. Vistra is known for its specialization in managing company formations and navigating complex regulatory landscapes, particularly in offshore jurisdictions, making the potential exposure of its client data highly sensitive. The data is being sold for approximately worth of Monero (XMR).
According to the dark web post, the leak originates from Vistra’s Hong Kong operations, specifically from clients previously managed by Sertus, a company acquired by Vistra in 2024. The total data size is reported to be around GB, encompassing approximately files related to nearly offshore companies registered in jurisdictions like the British Virgin Islands, Cayman Islands, and Seychelles. The actor claims the data is current up to 2025.
The compromised information is said to be extensive and contains highly confidential corporate and personal details. The threat actor listed the types of data allegedly included in the leak:
- Certificate of Incorporation
- Memorandum & Articles of Association
- Registers of Directors, Beneficial Owners, Members, Secretaries, and Transfers
- Share Certificates
- Corporate authorization documents
- Board and Shareholder Resolutions
- Personal identity documents (passports, national IDs) and proof of address
- Personal and institutional financial information (balance sheets, financial statements, bank account numbers, source of funds, invoices)
