05-13-2024, 05:55 PM
News Hacker Offers Data Allegedly Stolen from the City of New York
<p><img width="1000" height="669" src="https://thecyberexpress.com/wp-content/uploads/City-of-New-York-Data-Breach.webp" class="attachment-post-thumbnail size-post-thumbnail wp-post-image" alt="City of New York Data Breach" decoding="async" srcset="https://thecyberexpress.com/wp-content/uploads/City-of-New-York-Data-Breach.webp 1000w, https://thecyberexpress.com/wp-content/u...0x201.webp 300w, https://thecyberexpress.com/wp-content/u...8x514.webp 768w, https://thecyberexpress.com/wp-content/u...0x401.webp 600w, https://thecyberexpress.com/wp-content/u...0x100.webp 150w, https://thecyberexpress.com/wp-content/u...0x502.webp 750w" sizes="(max-width: 1000px) 100vw, 1000px" /></p>An unidentified threat actor known as "pwns3c" has offered access to a database purported to contain sensitive data and documents from a City of New York data breach for sale on BreachForums.
The City of New York website offers official digital representation of the city's government as well as access to related information such as alerts, 311 services, news, programs or events with the city.
The claims made in the post, despite its alleged nature raises significant concerns about the extent of the data breach as well as the security practices followed by the government office.
<h3>Alleged City of New York Data Breach Claimed to Include Sensitive Data</h3>
The stolen <a href="https://thecyberexpress.com/geico-data-breach/" target="_blank" rel="nofollow noopener">database</a> is allegedly stated to include 199 PDF files, approximately 70MB in size in total. The exposed <a class="wpil_keyword_link" title="data" href="https://thecyberexpress.com/what-is-data/" target="_blank" rel="noopener" data-wpil-keyword-link="linked" data-wpil-monitor-id="3924">data</a> includes a wide range of personally identifiable information (PII), such as: Licensee Serial Number, Expiration Date, Applicant or Licensee Name, Trade Name, Street Address, City, Zip Code, Phone Number of Applicant, and Business Email of Applicant.
Moreover, the data also reveals sensitive details about building owners, attorneys, and individuals, including their EIN, SSN, and signature. The threat actor is selling this sensitive information for a mere $30, and interested buyers are instructed to contact them through private messages within BreachForums or through their Telegram handle.
The post seemingly includes links to download <a href="https://thecyberexpress.com/us-department-of-education-data-dark-web/" target="_blank" rel="nofollow noopener">samples</a> of the data allegedly stolen in the attack.
[caption id="attachment_68084" align="alignnone" width="1872"]<img class="wp-image-68084 size-full" src="https://thecyberexpress.com/wp-content/uploads/Alleged-City-of-New-York-Data-Breach.webp" alt="Alleged City of New York Data Breach" width="1872" height="773" /> Source: BreachForums[/caption]
The alleged data breach has far-reaching implications, as it puts the personal information of numerous individuals at <a class="wpil_keyword_link" title="risk" href="https://thecyberexpress.com/what-are-risks-in-cybersecurity/" target="_blank" rel="noopener" data-wpil-keyword-link="linked" data-wpil-monitor-id="3922">risk</a>. The leak of personally identifiable information (PII) and sensitive documents exposes individuals to potential risks of identity theft, fraud, and other malicious activities.
<a href="https://thecyberexpress.com/" target="_blank" rel="noopener">The Cyber Express</a> team has reached out to the New York City mayor's official press contact email for confirmation. However, no response has been received as of yet.
<h3>pwns3c Earlier Claimed to have Hacked Virginia Department of Elections</h3>
In an earlier post on BreachForums, pwns3c claimed an alleged data breach against the Virginia Department of Elections, compromising of at least 6,500 records. The earlier stolen data was also offered for USD 30 in Bitcoin (BTC), Litecoin (LTC), or Monero (XMR) on the <a class="wpil_keyword_link" title="dark web" href="https://thecyberexpress.com/what-is-the-dark-web/" target="_blank" rel="noopener" data-wpil-keyword-link="linked" data-wpil-monitor-id="3923">dark web</a>.
The Virginia Department of Elections is <a href="https://www.virginia.gov/agencies/department-of-elections/" target="_blank" rel="nofollow noopener">responsible for providing and overseeing</a> open and secure elections for the citizens of the Commonwealth of Virginia. It is responsible for voter registration, absentee voting, ballot access for candidates, campaign finance disclosure and voting equipment certification in coordination with about 133 of Virginia's local election offices.
The compromised data was allegedly stated to have included sensitive information such as timestamps, usernames, election data, candidate information, and <a href="https://thecyberexpress.com/r00tk1t-claims-upcoming-bjp-cyberattack/" target="_blank" rel="noopener">voting method</a> details. However, there has been no official confirmation of the stated incident as of yet.
The breaches claimed by pwns3c, despite their alleged nature highlight the persistent challenges of securing the websites of government institutions. The sensitive nature of the stolen data that may allegedly include Social Security Numbers (SSNs), contact information, election-related details, and signatures, underscores the urgency for government websites to strengthen their security measures.
<span class="ui-provider ee bqk bql bqm bqn bqo bqp bqq bqr bqs bqt bqu bqv bqw bqx bqy bqz bra brb brc brd bre brf brg brh bri brj brk brl brm brn bro brp brq brr" dir="ltr" style="color: #ff0000;"><i>Media Disclaimer: This report is based on internal and external research obtained through various means. The <a href="https://thecyberexpress.com/cisco-duo-data-breach-exposes-mfa-information/" target="_blank" rel="noopener" data-wpil-monitor-id="3052">information provided</a> is for reference purposes only, and users bear full responsibility for their reliance on it. </i><a class="fui-Link ___1rxvrpe f2hkw1w f3rmtva f1ewtqcl fyind8e f1k6fduh f1w7gpdv fk6fouc fjoy568 figsok6 f1hu3pq6 f11qmguv f19f4twv f1tyq0we f1g0x7ka fhxju0i f1qch9an f1cnd47f fqv5qza f1vmzxwi f1o700av f13mvf36 f1cmlufx f9n3di6 f1ids18y f1tx3yz7 f1deo86v f1eh06m1 f1iescvh fhgqx19 f1olyrje f1p93eir f1nev41a f1h8hb77 f1lqvz6u f10aw75t fsle3fq f17ae5zn" style="color: #ff0000;" title="https://thecyberexpress.com/" href="https://thecyberexpress.com/" target="_blank" rel="noreferrer noopener" aria-label="Link The Cyber Express"><i>The Cyber Express</i></a><i> assumes no liability for the accuracy or consequences of using this information.</i></span>
https://thecyberexpress.com/hacker-claim...ta-breach/
<p><img width="1000" height="669" src="https://thecyberexpress.com/wp-content/uploads/City-of-New-York-Data-Breach.webp" class="attachment-post-thumbnail size-post-thumbnail wp-post-image" alt="City of New York Data Breach" decoding="async" srcset="https://thecyberexpress.com/wp-content/uploads/City-of-New-York-Data-Breach.webp 1000w, https://thecyberexpress.com/wp-content/u...0x201.webp 300w, https://thecyberexpress.com/wp-content/u...8x514.webp 768w, https://thecyberexpress.com/wp-content/u...0x401.webp 600w, https://thecyberexpress.com/wp-content/u...0x100.webp 150w, https://thecyberexpress.com/wp-content/u...0x502.webp 750w" sizes="(max-width: 1000px) 100vw, 1000px" /></p>An unidentified threat actor known as "pwns3c" has offered access to a database purported to contain sensitive data and documents from a City of New York data breach for sale on BreachForums.
The City of New York website offers official digital representation of the city's government as well as access to related information such as alerts, 311 services, news, programs or events with the city.
The claims made in the post, despite its alleged nature raises significant concerns about the extent of the data breach as well as the security practices followed by the government office.
<h3>Alleged City of New York Data Breach Claimed to Include Sensitive Data</h3>
The stolen <a href="https://thecyberexpress.com/geico-data-breach/" target="_blank" rel="nofollow noopener">database</a> is allegedly stated to include 199 PDF files, approximately 70MB in size in total. The exposed <a class="wpil_keyword_link" title="data" href="https://thecyberexpress.com/what-is-data/" target="_blank" rel="noopener" data-wpil-keyword-link="linked" data-wpil-monitor-id="3924">data</a> includes a wide range of personally identifiable information (PII), such as: Licensee Serial Number, Expiration Date, Applicant or Licensee Name, Trade Name, Street Address, City, Zip Code, Phone Number of Applicant, and Business Email of Applicant.
Moreover, the data also reveals sensitive details about building owners, attorneys, and individuals, including their EIN, SSN, and signature. The threat actor is selling this sensitive information for a mere $30, and interested buyers are instructed to contact them through private messages within BreachForums or through their Telegram handle.
The post seemingly includes links to download <a href="https://thecyberexpress.com/us-department-of-education-data-dark-web/" target="_blank" rel="nofollow noopener">samples</a> of the data allegedly stolen in the attack.
[caption id="attachment_68084" align="alignnone" width="1872"]<img class="wp-image-68084 size-full" src="https://thecyberexpress.com/wp-content/uploads/Alleged-City-of-New-York-Data-Breach.webp" alt="Alleged City of New York Data Breach" width="1872" height="773" /> Source: BreachForums[/caption]
The alleged data breach has far-reaching implications, as it puts the personal information of numerous individuals at <a class="wpil_keyword_link" title="risk" href="https://thecyberexpress.com/what-are-risks-in-cybersecurity/" target="_blank" rel="noopener" data-wpil-keyword-link="linked" data-wpil-monitor-id="3922">risk</a>. The leak of personally identifiable information (PII) and sensitive documents exposes individuals to potential risks of identity theft, fraud, and other malicious activities.
<a href="https://thecyberexpress.com/" target="_blank" rel="noopener">The Cyber Express</a> team has reached out to the New York City mayor's official press contact email for confirmation. However, no response has been received as of yet.
<h3>pwns3c Earlier Claimed to have Hacked Virginia Department of Elections</h3>
In an earlier post on BreachForums, pwns3c claimed an alleged data breach against the Virginia Department of Elections, compromising of at least 6,500 records. The earlier stolen data was also offered for USD 30 in Bitcoin (BTC), Litecoin (LTC), or Monero (XMR) on the <a class="wpil_keyword_link" title="dark web" href="https://thecyberexpress.com/what-is-the-dark-web/" target="_blank" rel="noopener" data-wpil-keyword-link="linked" data-wpil-monitor-id="3923">dark web</a>.
The Virginia Department of Elections is <a href="https://www.virginia.gov/agencies/department-of-elections/" target="_blank" rel="nofollow noopener">responsible for providing and overseeing</a> open and secure elections for the citizens of the Commonwealth of Virginia. It is responsible for voter registration, absentee voting, ballot access for candidates, campaign finance disclosure and voting equipment certification in coordination with about 133 of Virginia's local election offices.
The compromised data was allegedly stated to have included sensitive information such as timestamps, usernames, election data, candidate information, and <a href="https://thecyberexpress.com/r00tk1t-claims-upcoming-bjp-cyberattack/" target="_blank" rel="noopener">voting method</a> details. However, there has been no official confirmation of the stated incident as of yet.
The breaches claimed by pwns3c, despite their alleged nature highlight the persistent challenges of securing the websites of government institutions. The sensitive nature of the stolen data that may allegedly include Social Security Numbers (SSNs), contact information, election-related details, and signatures, underscores the urgency for government websites to strengthen their security measures.
<span class="ui-provider ee bqk bql bqm bqn bqo bqp bqq bqr bqs bqt bqu bqv bqw bqx bqy bqz bra brb brc brd bre brf brg brh bri brj brk brl brm brn bro brp brq brr" dir="ltr" style="color: #ff0000;"><i>Media Disclaimer: This report is based on internal and external research obtained through various means. The <a href="https://thecyberexpress.com/cisco-duo-data-breach-exposes-mfa-information/" target="_blank" rel="noopener" data-wpil-monitor-id="3052">information provided</a> is for reference purposes only, and users bear full responsibility for their reliance on it. </i><a class="fui-Link ___1rxvrpe f2hkw1w f3rmtva f1ewtqcl fyind8e f1k6fduh f1w7gpdv fk6fouc fjoy568 figsok6 f1hu3pq6 f11qmguv f19f4twv f1tyq0we f1g0x7ka fhxju0i f1qch9an f1cnd47f fqv5qza f1vmzxwi f1o700av f13mvf36 f1cmlufx f9n3di6 f1ids18y f1tx3yz7 f1deo86v f1eh06m1 f1iescvh fhgqx19 f1olyrje f1p93eir f1nev41a f1h8hb77 f1lqvz6u f10aw75t fsle3fq f17ae5zn" style="color: #ff0000;" title="https://thecyberexpress.com/" href="https://thecyberexpress.com/" target="_blank" rel="noreferrer noopener" aria-label="Link The Cyber Express"><i>The Cyber Express</i></a><i> assumes no liability for the accuracy or consequences of using this information.</i></span>
https://thecyberexpress.com/hacker-claim...ta-breach/