Trending
ee-track">
Link copied!

Old Records with NIDs Resurface – 42 Million Mexico Residents Hit

The wave of data breaches is on the rise as hackers are highly motivated to steal sensitive data for financial gains. This is compounded by the fact that personal information is a highly valued data.  Recently, the Research Team at Cyble found a post…

January 29, 2021 · 3 min read

The wave of data breaches is on the rise as hackers are highly motivated to steal sensitive data for financial gains. This is compounded by the fact that personal information is a highly valued data. 

Recently, the Research Team at Cyble found a post on one of the cybercrime forums in which the threat actor claimed to be in possession of 42 million records of residents of Mexico along with their National Identification Numbers (NIDs). 

Below is an image of the post from the forum. The threat actor has also shared a sample to display the authenticity of the data. 

image 30

The dataset is about 6.14GB in size, containing 128 .mdb files in total.  The files are dated between 2009 to 2011, as shown in the screenshot below. 

image 28
image 27

Below is a screenshot of extracts from one of the files. It contains NIDs, identified as CURP in Mexico. CURP is a Unique Population Registry Code for citizens and residents of Mexico, and each CURP is a unique alphanumeric 18-character string. 

image 31

Cyble researchers also found a blog on another forum with the same database for sale. We suspect that threat actors acquire such data from multiple sources and share it on cybercrime forums to build a reputation for their profiles. 

Text

Description automatically generated

Cyble has been reporting these types of breaches to spread awareness of the risks associated with using online services. Recently, during our routine Dark web monitoring, we came across a post in the cybercrime market in which a threat actor claimed to be in possession of more than 220k+ unique records of Jammu and Kashmir residents. The rising number of such data leaks not only reaffirms the need for updated cybersecurity measures but also underlines the importance of handling sensitive consumer data responsibly. 

Data leaks such as these can foster criminal activities and play a pivotal role in various malpractices such as phishing attacks, credential stuffing, financial fraud, and social engineering campaigns. 

We recommend people to: 

  • Never share personal information, including financial information over the phone, email, or SMSes.  
  • Use strong passwords and enforce multi-factor authentication wherever possible.  
  • Regularly monitor your financial transactions, and if you notice any suspicious activity, contact your bank immediately.  
  • Turn on the automatic software update feature on your computer, mobile, and other connected devices wherever possible and pragmatic.  
  • Use a reputed anti-virus and Internet security software package on your connected devices, including PC, laptop, and mobile.  
  • People who are concerned about their exposure in the Darkweb can register at AmiBreached.com to ascertain their exposure.  
  • Refrain from opening untrusted links and email attachments without verifying their authenticity.   

About Cyble 

Cyble is a global threat intelligence SaaS provider that helps enterprises protect themselves from cybercrimes and exposure in the darkweb. Cyble’s prime focus is to provide organizations with real-time visibility into their digital risk footprint. Backed by Y Combinator as part of the 2021 winter cohort, Cyble has also been recognized by Forbes as one of the top 20 Best Cybersecurity Startups To Watch In 2020. Headquartered in Alpharetta, Georgia, and with offices in Australia, Singapore, and India, Cyble has a global presence. To learn more about Cyble, visit www.cyble.com

AI Threat Intelligence

Stop Executive Threats
Before They Strike

Monitor dark web chatter, detect lookalike domains, and protect your C-suite from targeted impersonation — in real time, across 50+ countries.

Scroll to Top

Book your session

Request a Personalized Demo

See how Cyble's threat intelligence protects your organization. A specialist will reach out within one business day.

Select one or more options

Cyble protects your personal data to manage your account and deliver requested content. Submit your details to receive updates. Withdraw consent anytime. See our privacy policy for details.

Your information is encrypted and never shared.
SOC 2 Type II GDPR compliant Trusted by 1,000+ teams

Download the brochure

Get the Cyble Vision Brochure

Explore how Cyble Vision delivers AI-powered threat intelligence across your attack surface. Fill in your details to access the brochure.

Select one or more options

Cyble protects your personal data to manage your account and deliver requested content. Submit your details to receive updates. Withdraw consent anytime. See our privacy policy for details.

Your information is encrypted and never shared.
SOC 2 Type II GDPR compliant Trusted by 1,000+ teams