Want to advertise? Learn more here! Prefer to subscribe with cryptocurrency? Subscribe here!

Skip to content Dark Web Informer - Cyber Threat Intelligence

Threat Actor "Empire" Allegedly Selling 32,934 Records from Venezuelan Telecom Firm Datalink

💡 Subscribe to DarkWebInformer.com for Unmatched Cyber Threat Intelligence 💡

Why Subscribe? Let me do the work and save you time.

Stay ahead of cyber threats and safeguard your digital assets while enhancing your cybersecurity awareness with just some of these exclusive subscriber-only features:

  • 📜
    Exclusive Threat Feeds: Access the latest ransomware victim disclosures, breaches, leaks, and other critical updates. You will receive approximately 100-200 alerts daily.
  • 📡
    Detailed Threat Posts: Stay updated on breaches, leaks, ransomware, DDoS attacks, and more.
  • 📤
    On-Demand Data Export: Export all 14,000+ alerts to JSON, CSV, or XML at any time for deeper analysis.
  • 🖼️
    Instant Insight with Unredacted Screenshots: Gain immediate visibility into leaked data with high-resolution, watermark-free images. Seeing unredacted details helps you quickly assess whether your sensitive information has been compromised—without delays.
  • 🔗
    Direct Claim URLs: Instantly access claims with direct links for fast verification.
Subscribe Now Pay with Crypto

Disclaimer: This report includes actual screenshots and/or text containing unredacted personally identifiable information (PII) gathered from publicly available sources. The sensitive information presented within this report is intended solely for cybersecurity awareness and threat intelligence purposes. Dark Web Informer explicitly condemns unauthorized access, distribution, or misuse of the personal data displayed or referenced here. Users must treat exposed data responsibly and ethically.


📌 Overview
A threat actor operating under the alias "Empire" has listed 32,934 records allegedly stolen from Datalink for sale on a cybercrime forum. The dataset reportedly contains mobile numbers, email addresses, names, job titles, company details, Twitter profiles, and additional business-related metadata.

The post claims that the breach took place in March 2025, affecting users in Venezuela. The seller has priced the dataset at $100, with transactions to be completed via XMR (Monero) only.


🔑 Key Details

AttributeInformation
🗓️ Date2025-03-14 14:46:37
🎭 Threat ActorEmpire
🌎 Victim CountryVenezuela
🏭 Victim IndustryNetwork & Telecommunications
🏢 Victim OrganizationDatalink
🌐 Victim Sitedatalink.com.ve
🔐 Access TypeDatabase Breach
📂 CategoryData Breach
🌍 NetworkOpen Web
💲 Price$100 (XMR Only)

📢 Threat Actor’s Claim
According to the forum post, the leaked database consists of 32,934 records, broken down into:

  • 26,742 mobile numbers
  • 32,856 email addresses
  • Full names & job titles
  • Work & mobile phone numbers
  • Twitter profiles & follower counts
  • Company names & addresses
  • Time zone & language settings
  • External IDs & business ticket access
  • Twitter verification status

📌 Claim URL:
🔗 https://breachforums.st/Thread-SELLING-32934-records-Datalink-com-ve


📁 Leaked Data Preview Includes:

  • Personally Identifiable Information (PII) – Names, job titles, emails, and phone numbers.
  • Business & Customer Data – Ticket access permissions, external IDs, and company information.
  • Social Media Insights – Twitter handles, follower counts, and verification statuses.
  • Possible Sensitive Information – Addresses and metadata linked to professional accounts.

🛡️ WhiteIntel.io Data Leak Information

Fetching WhiteIntel.io Data...
Large datasets may take a moment...
This message will update automatically...

🚩 Potential Risks

  • Targeted Phishing & Social Engineering Attacks – Exposed emails and phone numbers may be exploited for credential theft and scams.
  • Business Email Compromise (BEC) Fraud – Threat actors could use company details for impersonation attacks.
  • Privacy Violations & Regulatory Concerns – Organizations handling customer data may face compliance issues under Venezuelan and international data protection laws.
  • Reputational Damage – Customers and business partners affected by the breach may lose trust in Datalink’s security measures.
  • Credential Stuffing & Account Takeovers – If users have reused passwords, attackers may exploit the leaked data for unauthorized access.

🚨 Recommended Security Actions

  • Investigate & Confirm the Breach – Datalink should conduct an internal audit to verify unauthorized access.
  • Notify Affected Individuals – Customers and employees should be informed about potential exposure risks.
  • Enhance Email & Network Security – Implement multi-factor authentication (MFA) and strict email filtering rules.
  • Monitor for Suspicious Activity – Affected accounts should be watched for signs of phishing, fraud, or unauthorized logins.
  • Report to Authorities & Regulatory Bodies – Ensure compliance with data protection regulations to avoid legal consequences.

💡 Final Thoughts
The sale of 32,934 records from Datalink raises privacy and cybersecurity concerns, particularly for individuals and businesses operating in Venezuela's network & telecommunications sector. The dataset, which contains contact details, social media insights, and company information, could be weaponized for phishing campaigns, impersonation fraud, and corporate espionage.

Organizations and individuals potentially affected by this breach should take proactive security measures, including password resets, fraud monitoring, and network hardening, to mitigate potential threats.


🚨 Stay updated on the latest cyber threats at DarkWebInformer.com

Latest