Welcome to the new Cyber Intelligence House “Leak of the Week”. We will report findings of anonymised leaked credentials, credit cards and general exploits every week that come directly from our powerful CIH Platform.
This weeks leak: An extremely popular, Asian based online casino that provides sports betting, online casinos, and virtual games has been exploited. The threat actors used an exposed archive consists of a single SQL file and two metadata files, totalling 30 GB. The data appears to originate from a user database and includes highly sensitive personal and account related information.
The most sensitive information;
email – User email addresses.
phone – Personal mobile numbers.
passport – Passport details (number or scan reference).
address – Physical addresses.
password – User passwords (hash format not confirmed).
last_ip – Last known IP address of user login.
These fields, in combination, enable not just identity theft but also geolocation, phishing, or impersonation attacks.
Cyber Intelligence House implications analysis:
Exposure of email, phone, and IP can lead to spear-phishing and targeted scams.
Leakage of passport and address details enables identity theft and document forgery.
Compromised passwords may result in unauthorised access to other accounts (credential stuffing).