Incident Overview

A threat actor using the handle "aiyewumi" claims to have breached the database of InPost, described as a major Polish logistics company specializing in postal and parcel delivery services. The exposed data is reportedly in SQL format and approximately 220MB in size, containing around 2 million employee records.

• Company Description: InPost is a big Polish logistics company
• File Type: SQL database
• Total Records: Approximately 2 million records
• File Size: 220MB
• Employee First Names: Full employee first name data
• Employee Last Names: Full employee last name data
• Employee Emails: Corporate email addresses
• Employee IDs: Internal employee identification numbers
• Employee Access Codes: System access codes and credentials
• Employee Addresses: Physical address information
• Employee Passwords: Password data (likely hashed)
• Employee IP Addresses: IP address logs
• Case IDs: Internal case identification numbers
• Dates: Timestamp and date information
• Branch Information: Branch location and assignment data
• Status Information: Employee or case status indicators
• Sample Data: SQL data visible in screenshot showing InPost locations (Centrala, Gdynia, Katowice, etc.)
• Post Status: Posted 2 hours ago (as of alert time)
• Access: Hidden content requiring payment of 8 points to unlock