Threat Actor "Empire" Allegedly Selling 32,934 Records from Venezuelan Telecom Firm Datalink

⚠ Disclaimer: This report includes actual screenshots and/or text containing unredacted personally identifiable information (PII) gathered from publicly available sources. The sensitive information presented within this report is intended solely for cybersecurity awareness and threat intelligence purposes. Dark Web Informer explicitly condemns unauthorized access, distribution, or misuse of the personal data displayed or referenced here. Users must treat exposed data responsibly and ethically.

📌 Overview
A threat actor operating under the alias "Empire" has listed 32,934 records allegedly stolen from Datalink for sale on a cybercrime forum. The dataset reportedly contains mobile numbers, email addresses, names, job titles, company details, Twitter profiles, and additional business-related metadata.

The post claims that the breach took place in March 2025, affecting users in Venezuela. The seller has priced the dataset at $100, with transactions to be completed via XMR (Monero) only.

🔑 Key Details

📢 Threat Actor’s Claim
According to the forum post, the leaked database consists of 32,934 records, broken down into:

• 26,742 mobile numbers
• 32,856 email addresses
• Full names & job titles
• Work & mobile phone numbers
• Twitter profiles & follower counts
• Company names & addresses
• Time zone & language settings
• External IDs & business ticket access
• Twitter verification status

📌 Claim URL:
🔗 https://breachforums.st/Thread-SELLING-32934-records-Datalink-com-ve

📁 Leaked Data Preview Includes:

• Personally Identifiable Information (PII) – Names, job titles, emails, and phone numbers.
• Business & Customer Data – Ticket access permissions, external IDs, and company information.
• Social Media Insights – Twitter handles, follower counts, and verification statuses.
• Possible Sensitive Information – Addresses and metadata linked to professional accounts.

🛡️ WhiteIntel.io Data Leak Information

🚩 Potential Risks

• Targeted Phishing & Social Engineering Attacks – Exposed emails and phone numbers may be exploited for credential theft and scams.
• Business Email Compromise (BEC) Fraud – Threat actors could use company details for impersonation attacks.
• Privacy Violations & Regulatory Concerns – Organizations handling customer data may face compliance issues under Venezuelan and international data protection laws.
• Reputational Damage – Customers and business partners affected by the breach may lose trust in Datalink’s security measures.
• Credential Stuffing & Account Takeovers – If users have reused passwords, attackers may exploit the leaked data for unauthorized access.

🚨 Recommended Security Actions

• Investigate & Confirm the Breach – Datalink should conduct an internal audit to verify unauthorized access.
• Notify Affected Individuals – Customers and employees should be informed about potential exposure risks.
• Enhance Email & Network Security – Implement multi-factor authentication (MFA) and strict email filtering rules.
• Monitor for Suspicious Activity – Affected accounts should be watched for signs of phishing, fraud, or unauthorized logins.
• Report to Authorities & Regulatory Bodies – Ensure compliance with data protection regulations to avoid legal consequences.

💡 Final Thoughts
The sale of 32,934 records from Datalink raises privacy and cybersecurity concerns, particularly for individuals and businesses operating in Venezuela's network & telecommunications sector. The dataset, which contains contact details, social media insights, and company information, could be weaponized for phishing campaigns, impersonation fraud, and corporate espionage.

Organizations and individuals potentially affected by this breach should take proactive security measures, including password resets, fraud monitoring, and network hardening, to mitigate potential threats.

🚨 Stay updated on the latest cyber threats at DarkWebInformer.com