Skip to content
Support
Sign In Subscribe
Defacements

Hacker Claims to Deface Telcel Business-Tracking Platform and Alter Admin Accounts

 and  Dark Web Informer
9 min read
Breach Report Mexico flagMexico Telecom

Hacker Claims to Deface Telcel Business-Tracking Platform and Alter Admin Accounts

A threat actor using the alias azazeljakel (posting under the tag "CORTEX") claims to have compromised Localizacion Empresarial Telcel (LET), a business location and fleet-tracking platform operated under the Mexican telecom brand Telcel (let.telcel.com). Rather than dumping data, the actor says they accessed the site and altered its administrator accounts, posting screenshots of the admin panel tagged with their handle as proof. There is no sign of a published dataset, but admin access to a live asset-tracking system is a meaningful security concern. The claim is unverified and Telcel has not publicly addressed it.

ImpactAdmin takeover
TypeDefacement
CountryMexico flagMexico
Actorazazeljakel

Post details

TargetLocalizacion Empresarial Telcel (let.telcel.com)
CountryMexico flagMexico
SectorTelecommunications
ClaimSite compromise, admin accounts altered
IncidentDefacement / unauthorized admin access
ObservedJun 10, 2026
Data dumpNone published (so far)
Actorazazeljakel (CORTEX)

!What is claimed

  • Admin-panel access (claimed)
  • Administrator accounts altered
  • Website defacement (with proof)
  • Business GPS / fleet-tracking system
  • Possible business location data at risk
  • Telcel-branded platform (let.telcel.com)
  • No dataset published so far
  • Proof-of-access screenshots posted

Screenshot

Telcel LET Mexico alleged website defacement Screenshot 1 Screenshot 1 Redacted preview

Potential impact

If genuine, gaining administrator access to a fleet and asset-tracking platform is concerning even without a published dataset: such systems hold the real-time and historical locations of business vehicles and assets, and admin control could expose that tracking data or allow records to be tampered with. The actor frames this as a defacement, replacing administrator credentials and tagging the panel, rather than a data theft, and the account is low-reputation, so the practical impact may be limited to the affected sub-service. Even so, any administrative compromise of a Telcel-branded system warrants attention. The claim is unverified.

iStatus

Unverified

The actor posted defacement screenshots and a list of altered administrator accounts to a forum, alongside a Telegram channel; the specific admin usernames, the altered credentials, and the channel link are not reproduced here. The claim has not been independently confirmed and Telcel has not publicly addressed it.

Want the non-redacted screenshots? Paid subscribers get all of the claim details and unredacted screenshots. Check out the threat feed or ransomware feed (whichever applies to this post), then after subscribing, search there for this alert to view the unredacted version. View pricing →

DARK WEB INFORMER - THREAT INTELLIGENCE

Related

Latest