🚨 A massive data breach has exposed the personal identity records of approximately 159 million citizens, originating from a database managed by the Russian Ministry of Internal Affairs (MVD). The compromised dataset, spanning records from 2004 to 2023, contains highly sensitive personally identifiable information (PII) related to passport issuance and migration policy. The leaked database totals 636 GB and is structured across three primary tables. The Passports table alone comprises over 546 million rows and 271 GB of data, including fields such as full names, passport numbers, SNILS (Individual Insurance Account Numbers), and issuing authorities. The Addresses table contains over 370 million rows detailing registration addresses, start and end dates, and data processors. Additionally, the Photos table holds 222 GB of data, featuring over 14.3 million individual photos and 6.2 million passport scans linked to passport numbers. The exposure of SNILS numbers, official passport details, residential addresses, and biometric-style photos represents a critical security incident for the Russian government. With the data covering a significant portion of the national population and historical migration records, the breach poses severe risks of identity theft, fraud, and targeted harassment for millions of individuals. The threat actor behind the leak has offered the database for sale via Telegram, accepting escrow services and multiple buyers. A sample of the data has been made available online, confirming the structure and sensitivity of the compromised records. Security experts are urging affected individuals to monitor their accounts for suspicious activity, while the MVD is expected to investigate the source of the breach and implement stricter data protection measures. #DataBreach #MVDRussia #GovernmentHack #PIIExposure #CyberSecurity #IdentityTheft #DarkWeb

🚨 CYBER INTELLIGENCE ALERT: ALLEGED EXFILTRATION OF JUDICIAL OFFICIALS' DATA — CALDAS DISTRICT 🇨🇴 [STATUS: UNDER INVESTIGATION / UNCONFIRMED] Through continuous monitoring of clandestine cybercrime forums, a post has been detected by the threat actor identified as DragonLeak. The attacker has released and made publicly available a file that claims to contain the complete database of employees corresponding to the domain distritocaldas.ramajudicial. gov.co, belonging to the Caldas Judicial District of the Colombian Judiciary. The data has been uploaded to the GoFile hosting platform for free download. 🎯 Affected Entity: Judiciary of the Republic of Colombia 👤 Threat Actor: DragonLeak. 📂 Incident Type: Human Resources (HR) Database Exfiltration / Personally Identifiable Information (PII) Leakage 📊 TECHNICAL BREAKDOWN OF EXFILTRATED ASSETS The manifest published by the attacker details the exposure of the following logical fields, which completely compromise the privacy and identity of government officials: 🪪 Identity and Demographic Data: Full Names: Full names of personnel. National ID: National Identity Cards (CC), the definitive national identifier. 📞 Contact and Location Information (Physical Risk): Emails: Email addresses (likely institutional @ramajudicial.gov.co and personal). Phone numbers: Direct telephone contact numbers. Home Addresses: This is the most critical element, as it reveals the exact residential location of employees. 🏢 Organizational Structure: Employee Positions: Identification of the employee's role (e.g., Judges, Magistrates, Prosecutors, Secretaries, Assistants). 🛡️ EMERGENCY MITIGATIONS AND TECHNICAL RECOMMENDATIONS 🛑 Perimeter Blocking and IoCs: Add the GoFile distribution URLs reported in this campaign to the blacklists of the Judicial Branch's firewalls and proxy servers to prevent internal personnel from interacting with the file. 🔒 Notification and Identity Protection: It is imperative to immediately notify all officials within the Judicial District of Caldas regarding the exposure of their residential addresses. Physical security protocols must be activated, particularly for employees holding high-risk positions (national judges and magistrates). ⚡ MONITORING AND ASSESSMENT 🌐 Intelligence System: analyzer.vecert.io 🛡️ Quickly assess your website's security with: monitor.vecert.io/ #CyberSecurity #DataBreach #Colombia #JudicialBranch #Caldas #DragonLeak #PII_Leak #GovernmentHack #Doxxing #ThreatIntelligence #CyberAlert #VECERT #Infosec #StateSecurity

🚨 CONSOLIDATED CYBER INTELLIGENCE ALERT: MULTIPLE INTRUSIONS IN LATAM (🇲🇽 / 🇧🇷) ⚠️ EXFILTRATION OF MEXICAN EDUCATIONAL INSTITUTIONS AND STATE/B2B PORTALS IN BRAZIL [STATUS: INTRUSIONS UNCONFIRMED/ UNDER INVESTIGATION] On May 19, 2026, four high-impact security breaches targeting critical infrastructure in Mexico and Brazil were reported simultaneously. The incidents involved the compromise of student records databases, public health portals, and corporate market intelligence repositories. 📊 TECHNICAL BREAKDOWN OF DETECTED CASES 🇲🇽 Education Sector — Mexico Two technical and higher education institutions have been compromised by the same threat actor: Case #6302: Escuela Normal Experimental (MX) [3414] Threat Actor: Z3r00 Category: Education / Academic Infrastructure Risk: Potential exfiltration of personally identifiable information (PII) of teaching staff and records of students in teacher training programs. Case #6301: Instituto Tecnológico del Istmo - Oaxaca, MX Threat Actor: Z3r00 Category: Education / Regional Technological Development Risk: Alleged compromise of logical repositories of student records, enrollment data, grade histories, and local citizen identity records in the Oaxaca region. 🇧🇷 Government and Data Sectors — Brazil Wide-spectrum impacts on health platforms and commercial databases: Case #6300: Speedio .com.br Brazil B2B (62M) Threat Actor: Claude Category: Unclassified / Business Intelligence Reported Impact: Potential mass exposure of a batch of 62 million records. Case #6299: Brazil Government Health Portal Threat Actor: Florence Category: Government / Public Health 🛡️ URGENT MITIGATION AND TECHNICAL RECOMMENDATIONS 🛑 Audit of Exposed APIs and Services: The IT teams of the Instituto Tecnológico do Istmo and the Escuela Normal Experimental are urged to temporarily suspend external access to their school administration panels and review the SQL injection logs. 🔒 Revocation of Health and Government Credentials (Brazil): The Brazilian government's incident response team must immediately force the closure of administrative sessions on the compromised health portals, auditing any anomalous access to analytical data repositories. ⚠️ Protection Against B2B Phishing Campaigns: Companies using Speedio services should alert their purchasing and finance departments about the imminent risk of receiving spoofed emails that cite real data from their corporate structure to authorize fraudulent transfers. ⚡ MONITORING AND EVALUATION 🌐 Intelligence System: analyzer.vecert.io 🛡️ Quickly evaluate your website's security with: monitor.vecert.io/ #CyberSecurity #DataBreach #Mexico #Brazil #EducationSecurity #GovernmentHack #SpeedioB2B #HealthPortalLeak #Z3r00 #ThreatIntelligence #CyberAlert #VECERT #Infosec

🚨 GLOBAL ALERT: Multiple Security Breaches in Government Agencies 🌎🏛️ Our platform has detected a coordinated offensive by the threat actor wh6ami, who has published sensitive data belonging to government institutions in Sri Lanka, Bangladesh, and Liberia. These attacks pose a critical risk to data sovereignty and the privacy of government officials across three distinct regions. 1. Government of Sri Lanka (Double Compromise) 🇱🇰🗳️ Two massive data leaks have been reported, affecting key administrative pillars of the country: Ministries and Commissions: Data exfiltration from the central government sector. Public Service Commission: Compromise of information related to state employee management. Actor: wh6ami. Date: March 23, 2026 🗓️. 2. Government of Bangladesh 🇧🇩📁 Impact on unspecified state organizations, categorized under the "Government" sector. Victim: Government organizations in Bangladesh. Actor: wh6ami. Risk: Potential exposure of civil records or internal administrative data. 3. Government of Liberia 🇱🇷⚖️ A targeted compromise directed at the Ministry of Justice—one of the country's most sensitive entities. Victim: Ministry of Justice of Liberia. Actor: wh6ami. Impact: Risk of data leakage involving legal files, judicial personnel data, and records of ongoing cases. Monitor: analyzer.vecert.io #CyberSecurity #DataBreach #SriLanka #Bangladesh #Liberia #GovernmentHack #wh6ami #InfoSec #CyberAlert #NationalSecurity #JusticeSystem #GlobalThreat

🇬🇧 🏦 🤡 Another UK gov hack: Foreign Office breached, visa details likely stolen. These clowns can't lock down anything, why trust them with digital ID for everyone? Resist! #GovernmentHack #NoDigitalID

ICT CS William Kabogo says no government data was lost after several State websites were hacked on Monday. The attack briefly redirected domains and left defaced pages, but officials say systems are now stable and investigations are underway. #KenyaCyberSecurity #GovernmentHack #DigitalSafety

40M PH Government Records Leaked? 🚨 DILG is probing a massive data breach from its Full Disclosure Policy Portal (FDPP). Read more here: privarase.com/post/dilg-unde… #DILGDataBreach #PHCyberSecurity #GovernmentHack #DataLeakPH #NationalSecurityPH

🚨 Major Cybersecurity Breach Hits St. Paul! A severe cyberattack has disrupted city services, paralyzed systems, and triggered a National Guard response. 🛡️💻 Read more: privarase.com/post/st-paul-c… #cybersecuritybreach #governmenthack #cyberthreats

#Devman #ransomware group has allegedly #hacked 2.5 TB of data from the National Social Security Fund (@NSSF_ke). The NSSF is a government agency in #Kenya 🇰🇪 (@StateHouseKenya) collects, manages, invests, and distributes employee retirement funds. @RBAKenya @LabourSPKE Stay informed, monitor cyber threats, and sign up for free on #VenariX 👉 venarix.com #CyberAttack #Nairobi #NSSF #Retirement #KenyaNews #Kenyan #Economy #Benefits #Labour #Employers #Employee #infosec #CyberSec #DarkWeb #DataLeak #GovernmentHack #Ciberataque

Hacktivists Claim Breach of Egyptian Ministry’s Systems: ethical-empire.com/hacktivis… #EgyptHack, #Cybersecurity, #DataBreach, #Hacktivism, #GovernmentHack, #InfoSec, #R00TK1T, #CybersecurityAwareness, #EthicalHacking #EthicalEmpire

Security Breach Exposes UK Government Users’ Data; Hacker Threatens Further Releases: ethical-empire.com/security-… #UKDataBreach, #Cybersecurity, #InfoSec, #DataLeak, #MillionUsersAtRisk, #Hacked, #USDoD, #GovernmentHack, #ProtectYourData, #PasswordSecurity

@ucccsp director & @UCPolitical Head Richard Harknett, @harknett_uc, discusses latest Government Hack, SolarWinds, & #PersistentEngagement strategy in new piece on @lawfareblog. @UC_SOIT @UC_ArtSci @uofcincy #CyberLivesHere #SolarWinds #GovernmentHack lawfareblog.com/solarwinds-n…

Don't miss this episode of the @FuturumPodcast featuring @ShellyKramer and @fredmcclimans >> The Three As of the Russian Government Hack: Acquisition, Aggregation, and Activation of Data bit.ly/3h6yL3U #GovernmentHack #Cybersecurity #Podcast #Acquisition

#governmentHack #CyberAttack

たんに刺激がないと生きていけないダメ人間です笑笑 内部では単なる珍獣扱いですしw 最近思い付きで名付けましたが、この生き方を新時代のライフハックである #GovernmentHack 略して #GHack を実践する #GHacker というイカしたネーミングにして見ましたが、いかがでしょう？

Ang tatamad kasi ng mga ibang empleyado. Puro chikahan ginagawa. But srsly though, if you want fast DMV processing, try going in after lunch! There won’t be lines anymore cause everyone comes in the morning! #GovernmentHack

おもしろいことだけをして生きていく。そのためのツールとして、地域おこし協力隊ってかなりベストな選択肢の一つ。 行政をうまいことHackして、世の中も面白くする。 これが新時代のライフハック #GovernmentHack 略して #GHack である。

ガバメントだってハックできる。 そんな時代がもう来てるんだから、さっさとやっちゃおうぜyou. #GovernmentHack #GHack

#Governmenthack #Hackathon @hackaus @hackathons @HackathonWatch @hackapreneur @newsycombinator @BSBot01

BLOG: #CyberBreach When Sensitive Information Is Accessed in #GovernmentHack You May Have No Remedy ow.ly/JFgj30fHhM2 #FinRegReform