A threat actor claims to have breached Whosarat.com, a website that describes itself as an online database of police informants, jailhouse snitches, and DEA spies. The actor is offering the site’s database, containing highly sensitive personal and operational information, for sale on a cybercrime forum.
According to the actor, the database contains records for 30,000 users. The compromised data is extensive and includes not only personal user information but also detailed profiles of alleged informants. The data reportedly includes:
- User IDs and passwords
- First and last names and aliases
- Email addresses
- Phone numbers
- Full physical addresses including street, city, state, and ZIP code
- Demographic data including age, gender, and race
- Alleged illegal activities and substances involved
- Detailed descriptions of informant activities
- Criminal records
- Photos of individuals
- Credibility assessments
- Associated law enforcement agencies
- Contact details for attorneys and other associated persons
- Information on whether an individual accepts collect calls
