Every day, we encounter new PII data shared by a threat actor on the Dark Web. Finally, it has been determined that the threat actor named Data Trader Market VIP is offering the following data for sale on Telegram;
- 2 million pieces of personally identifiable information (PII) from databases of COVID-vaccinated people in Turkey.
- 2 GB of PII data belonging to Pakistani government employees
- PII database belonging to more than 3 million customers of Japanese insurance company “Aflac Japan” (aflac.co.jp)
Telegram: A Haven for Threat Actors
Telegram is a popular messaging app known for its privacy features, encryption, and ability to host large groups and channels. Unfortunately, its features have also made it a favored platform for threat actors to communicate, coordinate, and share stolen data. The platform’s end-to-end encryption makes it difficult for authorities to monitor conversations, providing a safe haven for cybercriminals. Threat actors often utilize Telegram to advertise their activities, showcase stolen data as evidence, and negotiate with potential buyers of the compromised information. The platform’s relative anonymity and ease of use have contributed to its popularity among cybercriminals looking to exploit and profit from data breaches. As data breaches continue to pose serious threats to individuals and organizations alike, it becomes imperative for educational institutions and other entities to bolster their cybersecurity measures, conduct regular assessments, and stay vigilant against evolving cyber threats.