DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Barbados Revenue Authority files listed for sale by threat actors (1)

Posted on September 30, 2024October 4, 2024 by Dissent

Records from the Barbados Revenue Authority such as property tax records and vehicle owner’s registration records are being offered for sale, but is the government even aware that personal information has been acquired and is at risk of misuse?

According to a post on a well-established Russian-language forum, there are 230GB of uncompressed data that includes driver’s licenses, social identification, and legal documents such as vehicle registration. The seller also claims that a database has 8 .xlsx files containing full names, email addresses, phone numbers, passports and national ID numbers, and driver’s license numbers.

Image: DataBreaches.net

The listing includes some sample files as proof of claims.

DataBreaches was provided with some additional details and proof by a spokesperson for the seller  (“Pryx”). A screencap provided to this site showed that Pryx had access to the admin portal for the Barbados Revenue Authority. A second screencap indicates that while in that portal, Pryx inserted code for a fake captcha scam that can lead to malware injection (the same scam as the one independently described on X). In response to questions from this site, their spokesperson responded that they didn’t pursue using the captcha scam because they had already dumped the data and didn’t need it. They left it in the portal, however, and the government’s IT people or forensics team will likely find it.

When asked if they still had access to the portal, Pryx commented that even if the government changed passwords, they might still be able to regain access if the government does not figure out the vulnerability they exploited to gain access.

Personal Information in Files

As noted above, some files contained personal information, but it appears that not all files with personal information were restricted to Barbados citizenry. One of the proof of claim files contained an image of the driver’s license of someone from South Carolina whose relative may own property in Barbados. Other proof of claim files included images of people fishing or just engaging in leisure pursuits. Some files appeared to contain religious or inspirational messages.  Why the government would store those files was not intuitively obvious to DataBreaches.

DataBreaches emailed the Barbados government yesterday to ask about the incident and their response. Pryx had claimed that he had emailed them a monetary demand to delete the data but that they had not responded at all. DataBreaches sent this site’s questions to the Prime Minister, the Barbados Government Information Service, and the Barbados Revenue Authority.  No reply has been received by publication, so although the revenue-related files appear likely to be genuine, the government has neither confirmed nor denied any breach at this point.

Post-publication, the above was edited to correct the name to Barbados Revenue Authority. The previous version incorrectly called it the Barbados Revenue Agency.

Update of October 3: The government did not respond to this site’s inquiries, but Starcom reports that the government has confirmed a data breach at the Barbados Revenue Authority but claims that it’s limited to the vehicle registration system. DataBreaches sent a second email to the government and privacy@ email addresses asking about the general service files and files with personal information in the VPE and VRE files. After reviewing additional files provided to this site by Pryx, DataBreaches notes that even if personal information of tourists or those seeking to get driving privileges in Barbados are stored in the vehicle registration system, it is still a lot of personally identifiable information that can be misused by criminals. Will the government mail or contact people from so many different countries to alert them to the breach?

The government did not respond to this site’s second email.

DataBreaches notes that Barbados Today reported on the breach and cited concerns consistent with those raised by this site:

Charging that the Barbados Revenue Authority (BRA) might have suffered the most extensive data leak to date, cybersecurity expert Niel Harper warned that a massive amount of sensitive information has been exposed and blasted the government’s response as inadequate.

Harper is charging that the breach is far more serious than what has been disclosed by officials, accusing them of downplaying the scale of the incident.

Harper, managing director and digital trust practice leader at Octave Cyber Security Group, said he sent correspondence on the issue to Attorney General Dale Marshall and Minister of Industry, Innovation, Science and Technology Marsha Caddle advising on what needed to be done as a matter of urgency to mitigate further harm to affected individuals. He said he had also reached out to Prime Minister Mia Mottley but had yet to receive a reply from any of the three officials.

Read more at Barbados Today. 

For a government that stated they were going to be transparent about this breach, it would help if they actually responded to this site and to a cybersecurity expert in their own country who also has questions and concerns.

 

 

 


Related:

  • PowerSchool commits to strengthened breach measures following engagement with the Privacy Commissioner of Canada
  • Hungarian police arrest suspect in cyberattacks on independent media
  • Two more entities have folded after ransomware attacks
  • British institutions to be banned from paying ransoms to Russian hackers
  • Data breach feared after cyberattack on AMEOS hospitals in Germany
  • Microsoft Releases Urgent Patch for SharePoint RCE Flaw Exploited in Ongoing Cyber Attacks
Category: Breach IncidentsGovernment SectorHackNon-U.S.

Post navigation

← VA staff got into Vance, Walz medical files, sparking investigation
FCC Reaches Multi-Million Dollar Settlement Of Investigations Into T-Mobile Data Breaches With Significant Improvements To Company’s Cybersecurity →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Scattered Spider Hijacks VMware ESXi to Deploy Ransomware on Critical U.S. Infrastructure
  • Hacker group “Silent Crow” claims responsibility for cyberattack on Russia’s Aeroflot
  • AIIMS ORBO Portal Vulnerability Exposing Sensitive Organ Donor Data Discovered by Researcher
  • Two Data Breaches in Three Years: McKenzie Health
  • Scattered Spider is running a VMware ESXi hacking spree
  • BreachForums — the one that went offline in April — reappears with a new founder/owner
  • Fans React After NASCAR Confirms Ransomware Breach
  • Allianz Life says ‘majority’ of customers’ personal data stolen in cyberattack (1)
  • Infinite Services notifying employees and patients of limited ransomware attack
  • The safe place for women to talk wasn’t so safe: hackers leak 13,000 user photos and IDs from the Tea app

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Congress tries to outlaw AI that jacks up prices based on what it knows about you
  • Microsoft’s controversial Recall feature is now blocked by Brave and AdGuard
  • Trump Administration Issues AI Action Plan and Series of AI Executive Orders
  • Indonesia asked to reassess data privacy terms in new U.S. trade deal
  • Meta Denies Tracking Menstrual Data in Flo Health Privacy Trial
  • Wikipedia seeks to shield contributors from UK law targeting online anonymity
  • British government reportedlu set to back down on secret iCloud backdoor after US pressure

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.