Threat Actor: Unknown | Unknown
Victim: Pezesha | Pezesha
Price: $300
Exfiltrated Data Type: National ID Numbers, Phone Numbers, Photo IDs, Additional Data
Additional Information :
- The breach occurred on January 31, 2024.
- The compromised data includes seven distinct databases.
- The exposed data includes 1,122,000 unique National ID Numbers.
- The exposed data includes 328,000 unique Phone Numbers.
- The exposed data includes 4,535 Photo IDs.
- The exposed data also includes SMS notifications, documents, personal data, and loan applications.
- The total dataset is being offered for sale at $300.
- The hacker has a one-hand sale policy.
In a cyber incident, a threat actor claims to have breached the systems of Pezesha, a prominent Kenyan financial services platform, and obtained extensive user data. Pezesha, known for enabling financial inclusion by connecting small and medium-sized enterprises (SMEs) with working capital, is now facing a potential data security crisis. The breach, allegedly executed on January 31, 2024, has resulted in the exposure of several databases containing sensitive user information.
Details of the Alleged Breach
The hacker asserts that the compromised data includes seven distinct databases encompassing a wide range of user information and financial records. The exposed data reportedly includes:
- National ID Numbers: 1,122,000 unique entries
- Phone Numbers: 328,000 unique entries
- Photo IDs: 4,535 files
- Additional Data: SMS notifications, documents, personal data, and loan applications
The total dataset is being offered for sale at $300, with the hacker indicating a one-hand sale policy.
Original Source: https://dailydarkweb.net/threat-actor-claims-to-sell-pezesha-database/