top of page
  • Writer's pictureJay Fribourg

"Leaksmas Unwrapped: Cybercriminals Reveal a Chilling 50 Million Record Data Breach

Updated: Apr 25

As we welcomed the new year, the cyber world was rocked by a nefarious act of "generosity" from cybercriminals, ironically termed "Leaksmas." This event, occurring during the festive holiday season, marked a disturbing trend in the world of cybercrime. Hackers took to the Dark Web to release over 50 million stolen consumer records, including sensitive credit card data and personally identifiable information (PII), under the guise of a "Free Leaksmas" gift.

An Alarming Array of Data Leaks

This massive data spill involved records from various sources, spanning across continents. Significant among these was a data set containing 22 million records from Movistar, a major telecommunications provider in Peru. These records included customer phone numbers and DNI (Documento Nacional de Identidad) numbers, a critical identity document in Peru, making this breach a severe threat to identity security.

Other notable leaks included 2.5 million records from GUMAC, a Vietnam-based online women’s fashion store, and over 2 million records from Mexico's Citibanamex. The release also encompassed 1.5 million records from French company Mobbiz, and substantial data from AEON, a significant credit service in the Philippines.

SiegedSec: A Notorious Actor in "Leaksmas"

The group SiegedSec, known for their previous attack on the Idaho National Laboratory, was among the most prominent actors in this "Leaksmas" event. Their ominous Christmas message, hinting at further unpredictable actions in the coming year, raised alarm bells across the cybersecurity community.

Global Impact and the Urgency for Robust Digital Identity Protection

The "Leaksmas" incident highlighted the vast geographical reach and severe impact of cybercriminal activities. With countries like Peru, the United States, and the Philippines being the most affected, the need for robust digital identity protection has never been more critical, especially in regions like Latin America and Asia-Pacific, which are increasingly becoming hotspots for cyber-attacks.

A Catalyst for Financial Fraud and Identity Theft

The release of such a massive volume of PII records is not just an invasion of privacy; it opens the floodgates to a series of cybercrimes like account takeovers, business email compromises, identity theft, and financial fraud. The widespread distribution of this data means that individuals across the globe are now at heightened risk.

The Underground Economy and the Festive Season

Interestingly, the approach of the holiday season acts as a catalyst in the underground economy, prompting cybercriminals to intensify their activities. This "Leaksmas" event is a stark reminder of the ever-evolving threat landscape in cyberspace and the importance of remaining vigilant, especially during times when attention might be elsewhere.

Conclusion: A Wake-Up Call for Digital Identity Security

The "Leaksmas" saga serves as a wake-up call for individuals and organizations alike. It underscores the importance of implementing stringent cybersecurity measures and the need for continuous vigilance. As a leader in cybersecurity solutions, BlueZone Cyber Solutions is committed to helping our clients navigate these challenges and secure their digital assets against such malicious activities.

Hackers Don't Rest. Neither Do We: Reduce Your Risk of a Cyber Breach by 45%

Don't wait for a breach to happen. Contact us today to safeguard your business and step into the new year with confidence and security. - BlueZone Cyber Solutions


bottom of page