DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Bits ‘n Pieces (Trozos y Piezas)

Posted on February 10, 2023 by chum1ng0

UY:  Thomas J. Shandy Attack Claimed by  AvosLocker

The firm of Thomas J. Schandy has been listed on the leak site for  AvosLocker. The February 5 listing claims that the threat actors have about 100 GB of information from the firm which states that their  “jurisdiction  has particular emphasis on all the national ports of Uruguay.”  AvosLocker provided a few files such as curriculum vitae and work agreements as a proofpack.

Shandy describes itself as “Comisarios de Avería y Liquidadores de Siniestros” in Uruguay. They act as Lloyd’s agents and P&I correspondents.

The firm has no mention on their website about any incident and they have not responded to two email inquiries from DataBreaches asking if they would confirm or deny any attack.

CO: Medellin.gov.co attack claimed by LockBit3.0

Here’s a case where a municipality proactively posted notice of a problem. In a tweet on February 2, the Secretaría de Seguridad y Convivencia wrote (machine translation:)

We are facing a cyberattack of unknown origin against the dispatch servers of the Integrated Emergency and Security System- SIES-M, which was overcome and repelled on February 1 without ever affecting the operation of the city’s security and emergency agencies.

An image of their website notice was embedded in the tweet.

On February 6, LockBit3.0 added Medellin.gov.co to its leaks page with five files uploaded as proof. Muchohacker.lol verified the files and described the  contents of four of them. One of the screenshots showed a directory of folders and files concerned with homicides. The most sensitive file in the sample was reported to be a document called a “Suicide Attempt Attention Record,” which @hyperconectado wrote revealed the details and personal data of a woman who allegedly attempted to end her life. A fifth file appeared to contain names, cellphone numbers, and email addresses.

Neither the mayor’s office nor the  Secretary of Security and Coexistence has provided more details or any updates. The mayor’s office has not responded to two emails sent by DataBreaches, and LockBitSupport did not respond on Tox. Muchohacker.lol also reports that the mayor did not respond to them.

MX: Avante Textil distributor hit by LockBit3.0

The textile distributor “Avante Textil” was added to the LockBit3.0 leak page on February 2 with some samples as proof such as electronic payment receipts.

Avante’s website and social networks do not mention any security incident, so DataBbreaches submitted a web form inquiring about LockBit’s claims. No reply has been received by publication.

BR: Politriz data leaked by LockBit3.0

In a previous Trozos y Piezas, DataBreaches reported that an attack on Politriz had been claimed by LockBit3.0 but LockBit had not posted any proof. We can now update that entry and note that Politriz data was dumped on LockBit3.0 on January 27. The 693 folders contain information about the company such as sales balances, some contracts for the provision of services, and accounting. But DataBreaches also noted some personnel-related files like payment records to named employees, some medically-related information like a medical transportation voucher, a doctor’s note that someone needed time off from work, and a military draft file.

There is no notice on Politriz’s site about any breach and DataBreaches does not know whether they have notified any employees, regulators, or anyone else.

 

Category: Breach Incidents

Post navigation

← Dallas Central Appraisal District paid $170,000 to Royal ransomware attackers
UMass Memorial Health settles lawsuit claims from 2020 hack →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • PowerSchool hacker pleads guilty, released on personal recognizance bond
  • Rewards for Justice offers $10M reward for info on RedLine developer or RedLine’s use by foreign governments
  • New evidence links long-running hacking group to Indian government
  • Zaporizhzhia Cyber ​​Police Exposes Hacker Who Caused Millions in Losses to Victims by Mining Cryptocurrency
  • Germany fines Vodafone $51 million for privacy, security breaches
  • Google: Hackers target Salesforce accounts in data extortion attacks
  • The US Grid Attack Looming on the Horizon
  • US govt login portal could be one cyberattack away from collapse, say auditors
  • Two Men Sentenced to Prison for Aggravated Identity Theft and Computer Hacking Crimes
  • 100,000 UK taxpayer accounts hit in £47m phishing attack on HMRC

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • How the FBI Sought a Warrant to Search Instagram of Columbia Student Protesters
  • Germany fines Vodafone $51 million for privacy, security breaches
  • Malaysia enacts data sharing rules for public sector
  • U.S. Enacts Take It Down Act
  • 23andMe Bankruptcy Judge Ponders Trump Bill’s Injunction Impact
  • Hell No: The ODNI Wants to Make it Easier for the Government to Buy Your Data Without Warrant
  • US State Dept. says silence or anonymity on social media is suspicious

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.