⚠️ You’re about to leave this site and be redirected to:

Skip to content Dark Web Informer - Cyber Threat Intelligence

⚠️ You’re about to leave this site and be redirected to:

Support
Sign In Subscribe
Data Breaches

Alleged breach of Weguest – 2.5M Records Exposed via API Misconfiguration

 and  Dark Web Informer - Cyber Threat Intelligence
3 min read

📢 Unlock Exclusive Cyber Threat Intelligence

Powered by DarkWebInformer.com

Get foundational access to breach intelligence — track breaches, leaks, and threats in real-time with unfiltered screenshots and expert summaries.

📚
4,000+ Blog Posts: Continuously updated with breach reports and threat summaries.
📢
15,000+ Alerts: Access detailed breach, leak, and DDoS alerts updated daily.
📤
Unredacted Threat Feed: Track breaches and leaks in real-time with JSON export support.
🔍
Leak & Breach Coverage: Get direct access to verified breach posts and claims.
📡
Snippets & Quick Facts: Receive concise summaries of DDoS, defacements, and breaches.
🤖
WhiteIntel.io API Access: Access an integrated API, in breach blog posts.
🖼️
High-Resolution Images: View uncompressed, watermark-free breach evidence.
🔑
Keyword Notifications: Receive browser alerts when monitored keywords are triggered.
📧
Custom Email Alerts: Get curated daily, weekly, or filtered alert summaries.
👥
Telegram Channels: Stay in the know with access to different Telegram channels.
📨
PGP Contact Details: Access verified PGPs for ransomware and threat groups.
⚠️
Coming Soon: CVE Alert Feed – Be first to know when new vulnerabilities emerge.
💳 Subscribe Now 🪙 Pay with Crypto

Disclaimer
This report includes actual screenshots and/or text that may include unredacted personally identifiable information (PII) gathered from publicly available sources. The sensitive information presented within this report is intended solely for cybersecurity awareness and threat intelligence purposes. Dark Web Informer explicitly condemns unauthorized access, distribution, or misuse of the personal data displayed or referenced here. Users must treat exposed data responsibly and ethically.

📌 Overview

Threat actor Gumball has claimed responsibility for the exfiltration of over 2.5 million records from Weguest, a Spanish rental property management firm. According to the post, the breach stemmed from a misconfigured third-party API used by Weguest and other rental management platforms. The actor shared structured CSV-like samples of owners, service providers, employees, bookings, refunds, and internal emails spanning from 2024–2025.

📊 Key Details

AttributeInformation
Date2025-06-05, 07:32:19 AM
Threat ActorGumball
Victim CountrySpain
IndustryHospitality & Tourism
OrganizationWeguest
Victim Siteweguest.com
CategoryData Breach
SeverityMedium
Networkopenweb

Subscriber-only content…

This post is for subscribers on the Plus and Pro tiers

Subscribe

Already have an account? Sign In

Related

Latest