DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Rex Mundi surfaces with new hack claims (UPDATE2)

Posted on November 14, 2014 by Dissent

It looks like hacking group Rex Mundi may be back. And they seem to be dumping all of the Domino’s data they claimed to have hacked back in June, plus data allegedly from hacks of Thomas Cook Belgium, Finalease Car Credit, and Mensura.

In a paste describing their activities, they write that they stole “personal records belonging to hundreds of customers who have recently applied for a car loan. Those records include the full financial history, employment details and personal data of the applicants” for car loans at Finalease Car Credit.” They offer several customer records as proof of hack.

From Thomas Cook Belgium, they allege they “stole records related to this network of travel agencies’ business partners, namely their affiliates and affiliated agencies. We will release the entire data in our possession at a later date. In the meantime, here are the contents of the company’s affiliates listing…”

For Mensura, they provided a sample of absenteeism-related requests allegedly received by the organization.

DataBreaches.net is not linking to the paste nor the data dump because of the exposed consumer personal information. This site  e-mailed Finalease and Mensura last night to seek confirmation or denial of the claimed hacks, but has gotten no response. No attempt was made to contact Thomas Cook Belgium for lack of a contact e-mail for these purposes.

As a reminder, Domino’s did contact all customers about the breach Rex Mundi claimed in June, so it’s tempting to believe the new claims, but at this point, these are just claims without confirmation. Unlike previous claimed hacks, however, there doesn’t seem to be any extortion demand involved, and the group’s paste makes no mention of anything the firms can do to avoid having their data dumped. (see CORRECTION below)

CORRECTION AND UPDATE (11/16/14): A tweet by Rex Mundi suggests that they did attempt to extort money from Mensura before they dumped some of the data:

@mailforlen Also, regarding Mensura, they initially wanted to pay but their lawyers advised them not to. Bad advice, if you ask us.

— Rex Mundi (@RexMundi13) November 15, 2014

Update 2: A Belgian site reporting on the hack, reports, “De Federal Computer Crime Unit van de federale politie, die zich over de zaken buigt, raadt gehackte ondernemers af om met geld over de brug te komen,” which I’m told means that the Federal Computer Crime Unit is advising the businesses to pay the ransom (extortion). Amazing, if that’s true. Another site says that FFCU discourages paying ransom.  Note: a commenter points out that the translation I was given for the first source was incorrect, and that as I suspected, the FCCU was advising companies NOT to pay.

Related posts:

  • Rex Mundi threatens to expose patients’ blood test results if lab doesn’t pay extortion demand (update 1)
  • The Extortionist, Drake International Leak Data Insight
  • Rex Mundi attempts to get Buy Way to pay EUR 20,000 to prevent data leak
  • Is your airline’s e-ticketing system putting your data at risk?
Category: Breach IncidentsBusiness SectorHackNon-U.S.

Post navigation

← Citizens Bank Manager Sentenced to 30 Months in Prison for Identify Theft Scheme
Manitoba says former employee inappropriately accessed personal health info →

2 thoughts on “Rex Mundi surfaces with new hack claims (UPDATE2)”

  1. BC says:
    November 18, 2014 at 7:59 am

    raadt gehackte ondernemers af om met geld over de brug te komen = advises hacked companies not to pay.
    If they would be advising them to pay it would be: raadt gehackte ondernemers AAN om …

    1. Dissent says:
      November 18, 2014 at 9:15 am

      Thanks so much, BC. I’ve edited that update to reflect that.

      I knew I should be suspicious of the translator… 🙂

Comments are closed.

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Hacker helped kill FBI sources, witnesses in El Chapo case, according to watchdog report
  • Texas Centers for Infectious Disease Associates Notifies Individuals of Data Breach in 2024
  • Battlefords Union Hospitals notifies patients of employee snooping in their records
  • Alert: Scattered Spider has added North American airline and transportation organizations to their target list
  • Northern Light Health patients affected by security incident at Compumedics; 10 healthcare entities affected
  • Privacy commissioner reviewing reported Ontario Health atHome data breach
  • CMS warns Medicare providers of fraud scheme
  • Ex-student charged with wave of cyber attacks on Sydney uni
  • Detaining Hackers Before the Crime? Tamil Nadu’s Supreme Court Approves Preventive Custody for Cyber Offenders
  • Potential Cyberattack Scrambles Columbia University Computer Systems

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Hacker helped kill FBI sources, witnesses in El Chapo case, according to watchdog report
  • Germany Wants Apple, Google to Remove DeepSeek From Their App Stores
  • Supreme Court upholds Texas law requiring age verification on porn sites
  • Justices nix Medicaid ‘right’ to choose doctor, defunding Planned Parenthood in South Carolina
  • European Commission publishes its plan to enable more effective law enforcement access to data
  • Sacred Secrets: The Biblical Case for Privacy and Data Protection
  • Microsoft’s Departing Privacy Chief Calls for Regulator Outreach

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.