Threat Actor: bizmoto | bizmoto
Victim: Bizmoto Philippines | Bizmoto Philippines
Price: $10,000
Exfiltrated Data Type: Customer KYC files, personal identification documents
Key Points :
- The threat actor demanded PHP 1 million in Bitcoin, threatening to leak sensitive customer data.
- The breach involved 34GB of data, including over 5,000 records and more than 400 folders of identification cards.
- Samples of the leaked data were provided on a dark web forum to demonstrate the extent of the breach.
- Customers are at high risk for identity theft and fraud due to the exposure of their personal and financial details.
- Bizmoto has not yet confirmed the full scope of the breach or released an official response.
On Thursday, Bizmoto issued an urgent advisory regarding ongoing system maintenance, informing users of necessary steps being taken to resolve technical issues. However, on October 8, a malicious pop-up confirmed that the platform had been hacked. The threat actor, identifying themselves under the alias “bizmoto”, demanded PHP 1 million in Bitcoin, threatening to leak sensitive customer data, including IDs and selfies, if the ransom wasn’t paid within 24 hours.
As of today, the threat actor made good on their promise. They posted on a dark web forum, openly selling the Bizmoto Philippines database for $10,000. The full breach amounted to a staggering 34GB, comprising critical customer KYC (Know Your Customer) files and documents. Samples of the leaked data were provided, including over 5,000 records and more than 400 folders containing various identification cards. The hacker also provided multiple download links to prove the extent of the breach, further amplifying the severity of the compromise.
Bizmoto customers are now at high risk, with their personal identification and financial details exposed. This breach could lead to serious repercussions such as identity theft, fraud, and other forms of cybercrime.
Bizmoto has not yet released an official response or confirmed the full scope of the breach. Customers are advised to remain vigilant and take steps to protect their identities and financial information.