⚠ Disclaimer
This report may include actual screenshots and/or text that contain unredacted personally identifiable information (PII) gathered from publicly available sources.
The sensitive information is presented solely for cybersecurity awareness and threat intelligence purposes.
📌 Overview
On September 9, 2025, ROOTBOY posted the alleged dataset on an underground forum.
The samples shown included SQL INSERT statements for both billing and student data tables, suggesting access to structured database dumps.
The dataset combines personal, financial, and credential data, raising risks of identity theft, fraud, and payment card abuse.
📊 Key Details
| Attribute | Information |
|---|---|
| Date | 2025-09-09 |
| Threat Actor | ROOTBOY |
| Victim Country | USA, Canada |
| Industry | Education Technology / Driving Schools |
| Victim Org. | Unidentified |
| Victim Site | Unknown |
| Category | Data Breach |
| Severity | Medium |
| Network | openweb |
