Incident Overview

A threat actor using the handle "Moon_WALK" posted on BreachForums on January 9, 2026 claiming to be selling customer data from Celeste Technologies, an Indian IT services company. The post advertises 34,349 records in CSV format for $100 with escrow payment accepted.

• Total Records: 34,349 lines of customer data
• File Size: 27.8 MB in CSV format
• Price: $100 with escrow accepted
• Data Fields: Title, first name, last name, phone, mobile, email, and appointments information
• Contact Methods: Direct message on-site, Telegram (TOX), or session messaging
• Sample Data Visible: Multiple customer records showing Indian names, phone numbers (starting with +91), Gmail addresses, and detailed appointment scheduling information with dates, statuses, and appointment IDs