TODAY: 1 NEW BREACH·LAST 30 DAYS: 4·RECORDS THIS YEAR: 5.6M·MOST TARGETED: GOVERNMENT·TOP ORIGIN: France·LARGEST BREACH: MedCore Systems — S3 Bucket Exposure (4.2M)·GLOBAL THREAT LEVEL: NORMAL·TODAY: 1 NEW BREACH·LAST 30 DAYS: 4·RECORDS THIS YEAR: 5.6M·MOST TARGETED: GOVERNMENT·TOP ORIGIN: France·LARGEST BREACH: MedCore Systems — S3 Bucket Exposure (4.2M)·GLOBAL THREAT LEVEL: NORMAL
BR-2024-11-0842[HIGH][FINANCE]PUBLICSOURCE

FinServe Global Data Dump

Records: 1.3M
Date: 2024-11-12
Origin: United Kingdom
Author: M. VANDERBILT

INCIDENT REPORT

A database containing partial credit card numbers and user emails was posted on BreachForums by a threat actor known as "d4rk_v3nd0r". The dataset appears to originate from a third-party payment processor used by FinServe Global.

An internal investigation confirmed that approximately 1.25 million customer records were compromised, including encrypted card data, full names, and transaction histories spanning 18 months.

FinServe Global issued a public statement denying any breach of their primary systems while acknowledging the exposure via a vendor relationship.

EXPOSED DATA TYPES

Partial Card Numbers
Email Addresses
Full Names
Transaction History

RAW LOG EXTRACTION [TRUNCATED]

// SOURCE: BreachForums post d4rk_v3nd0r

{"db": "finserve_users", "records": 1250000, "columns": ["email", "card_last4", "card_exp", "name", "txn_history"]}

[ALERT: PCI-DSS VIOLATION DETECTED // UNENCRYPTED CARD DATA IN DUMP]

Were you impacted?

Help the community understand the real-world impact of this breach.

ACTIONS // BR-SYS

SHARE