Threat Actor: Unknown | Unknown
Victim: Italian Internet Service Provider | Italian Internet Service Provider
Price: Not specified
Exfiltrated Data Type: Critical data from 20 different databases
Additional Information :
- The threat actor claims to be selling unauthorized access to the database of a major Italian Internet Service Provider through an SQL Injection vulnerability.
- The compromised databases include “clienti,” “information_schema,” “n2q_gest,” and others that have been redacted to avoid detection by the victim.
- The main database used by the entire ISP is among the compromised databases, highlighting the severity of the breach.
- To avoid detection, several database names have been censored in the listing provided by the threat actor.
A threat actor has surfaced with claims of selling unauthorized access to the database of a major Italian Internet Service Provider (ISP) through an SQL Injection vulnerability. This access allegedly compromises critical data from 20 different databases.
The databases include “clienti,” “information_schema,” “n2q_gest,” and others that have been redacted to avoid detection by the victim. The list also features “clienti_solopec,” “dev1,” “dns,” “gest,” “ipplan,” “ldap,” “monitor,” “phpmyadmin,” “policyd,” “policyd2,” “postfix,” “roundcube,” “roundcube_wisp,” and “webcam.” The threat actor claims this database is the main one used by the entire ISP, highlighting the severity of the breach.
To avoid detection by the victim, several database names have been censored in the listing. The actor claims this database is the main one used by the entire ISP, highlighting the severity of the breach.
Original Source: https://dailydarkweb.net/threat-actor-allegedly-offers-unauthorized-access-to-an-italian-internet-service-provider/