Skip to content
Sign In Subscribe
Data Breaches

Sorb is Allegedly Selling the Data of TCobro

 and  Dark Web Informer - Cyber Threat Intelligence
2 min read

💡 Subscribe to DarkWebInformer.com for Unmatched Cyber Threat Intelligence 💡

Why Subscribe? Let me do the work and save you time.

Stay ahead of cyber threats and safeguard your digital assets while enhancing your cybersecurity awareness with these exclusive subscriber-only features:

  • 📜
    Detailed Threat Posts: Stay updated on breaches, ransomware, DDoS attacks, and more.
  • 📡
    Exclusive Threat Feeds: Access the latest ransomware victim disclosures, breaches, and other critical updates.
  • 🖼️
    High-Resolution Screenshots: All posts include watermark-free, high-resolution images.
  • 🔗
    Direct Claim URLs: Instantly access claims with direct links for fast verification.

Click here to find out all of the exclusive benefits!

Subscribe Now Pay with Crypto

Quick Facts

📅 Date: 2025-01-22
🚨 Title: Alleged Data Sale of TCobro
🛡️ Victim Country: Peru
🏭 Victim Industry: Debt Collection & Consulting Services
🏢 Victim Organization: TCobro
🌐 Victim Site: tcobro.net
📜 Category: Data Breach
🔗 Claim: https://breachforums.st/Thread-SELLING-Peru-Tcobro-outsourcing-832-000-users
🕵️‍♂️ Threat Actor: Sorb
🌍 Network: Openweb

WhiteIntel.io Data Leak Information

Country: Unknown Credentials: 19,618
Country: BR Credentials: 7,881
Country: US Credentials: 7,510
Country: ID Credentials: 6,538
Country: IN Credentials: 6,141
Country: TR Credentials: 4,537
Country: EG Credentials: 3,506
Fetching WhiteIntel.io Data...
Large datasets may take a moment...
This message will update automatically...

Description

The threat actor Sorb has claimed to have obtained sensitive data from TCobro Telefonía y Cobranzas, a Peruvian debt collection and consulting company. The actor alleges they are selling a dataset of 832,000 client records alongside administrative access to TCobro’s systems, including:

  1. MySQL Server Access: Database-level control to view and extract stored data.
  2. Web CRM Panel Access: Administrator-level access to customer relationship management systems.

The data is reportedly stored in CSV format and is being sold for $400, with escrow services available for secure transactions.

Compromised Data

The dataset allegedly includes:

  1. Client Phone Numbers: Complete contact details for 832,000 individuals.
  2. Administrative System Access:
    • MySQL server credentials.
    • Full access to TCobro’s CRM panel.

Implications

For TCobro:

  1. Reputational Damage: Public disclosure of this breach may tarnish the company’s image in Peru and internationally.
  2. Operational Risks: Administrative access to systems can disrupt operations or compromise ongoing collections.
  3. Compliance Issues: Potential penalties under Peruvian data protection laws.

For Affected Clients:

  1. Privacy Violations: Exposure of personal contact details increases the risk of targeted scams or harassment.
  2. Identity Fraud: Compromised data could be used for fraudulent activities.

Recommendations

For TCobro:

  1. Investigate the Breach: Identify and mitigate the source of unauthorized access.
  2. Enhance Security Measures:
    • Restrict access to CRM and database systems.
    • Implement multi-factor authentication (MFA) for administrative users.
    • Conduct penetration testing to uncover vulnerabilities.
  3. Notify Affected Individuals: Comply with Peruvian laws to inform clients and provide guidance on protective measures.

For Affected Clients:

  1. Monitor Communication: Be alert for phishing attempts or suspicious calls.
  2. Verify Financial Activity: Regularly check financial accounts for unauthorized transactions.
  3. Protect Personal Data: Avoid sharing sensitive information unless absolutely necessary.

Related

Latest