Sell different DB's

[0x3a0]

Спойлер: Закрыто на депозит. Closed for deposit.

Hello everyone, I am selling a database extracted from a domain of the great Popso Bank in Italy.
I will list some information about the bank in question:
Name: Banca Popolare di Sondrio
Industry: Financial Services, Bank
Headquarters: Sondrio, Italy
Revenue: € 251,3 milioni (2022)
About: https://en.wikipedia.org/wiki/Banca_Popolare_di_Sondrio

I'm selling:
1 MAILSERVER ACCESS - EMAIL, PASSWORD, SMTPSERVER, SMTPPORT
4270 EMPLOYEES AND CUSTOMERS - NAME, EMAIL, USERNAME, PASSWORD, DATEINSERT
JUST 3 SAMPLES:
LUIS,luis.misdea@popso.it,luis.misdea@popso.it,Estero2022!,Nov 4 2022 4:22PM
Pasqualotto,giulia.pasqualotto@popso.it,giulia.pasqualotto@popso.it,Stefano26!,Nov 11 2022 3:45PM
jacopo,jacopo.riso@popso.it,jacopo.riso@popso.it,Popolare88!,Nov 11 2022 3:40PM

There are 650 users using @popso.it email and the rest are random emails from some client companies.
Also available is the vulnerability in which it was used to obtain this data if you are interested there is other data other than logins, there are more databases with other information.
Thank you for your attention, I hope we can do business if you are interested send me a private message, I'm new to the forum, but I'm already an old member of RF and BF.

 

[makdos92]

Hi 0x3a0,
the bank declares that this is fake news! That no domain of the bank has been compromised.

From: https://www.redhotcyber.com/post/la...red-hot-cyber-molto-bene-sulla-comunicazione/

Good evening,
with regard to your publication referring to our Organization referred to in the title above, we feel it is appropriate to clarify that, thanks to the timely communication from the National Cybersecurity Agency, which we received early in the morning, we were able to immediately initiate the necessary investigations in order to clarify the origin of all the indications in the published message.

First, it is stressed that the Bank's email server mentioned in the post is that of Microsoft's cloud and, therefore, if there were any particular critical issues, they would have emerged more extensively than reported; however, it is confirmed that there is no evidence of any breach of the said cloud service.

Faced with the evidence referred to the No. 3 e-mail addresses mentioned in the reported post, it was immediately verified, in the first instance, the inaccuracy of the indicated passwords by testing them directly on the Bank's centralized authentication systems. Subsequently, the people to whom those e-mail addresses are assigned were contacted directly and they confirmed that they had never used those passwords within the Bank, reporting rather that they had used them exclusively for registration on certain services outside the Organization.
Specifically, it was identified, with reasonable certainty, the service accessible from the Internet on which those credentials were allegedly used, completely unrelated to our Bank, whose exact details were provided to ACN in order to report and investigate the possible real origin of the violation found.

We therefore conclude by stating that this is fake news, clearing the field of any direct involvement of our Bank referring to the data reported in the post and finally reassuring about the maximum effectiveness of our information security management system.

Can you indicate which domain this data came from?

 

[0x3a0]

Hi 0x3a0,
the bank declares that this is fake news! That no domain of the bank has been compromised.

From: https://www.redhotcyber.com/post/la...red-hot-cyber-molto-bene-sulla-comunicazione/


Can you indicate which domain this data came from?

I will not prove anything publicly, only for interested buyers, everyone can use the middleman of the forum, no one here will be scammed, I'm an old member and I don't need to boost my ego because someone said it's fake news, it was hacked and the vulnerability is still there, has not been corrected.
The data is still for sale and vulnerability too!
If you think you're going to pull out extra information to correct it, you're wrong.
(me too, being a bank, I would deny it so as not to embarrass myself nationally).

 

[0x3a0]

Hello everyone, I am selling a database extracted from a domain of the Alpi Aviation in Italy.
I will list some information about the company in question:
Name: Alpi Aviation
Industry: Aircraft
Headquarters: Italy
Revenue: ???
About: https://en.wikipedia.org/wiki/Alpi_Aviation

I'm selling:
550 USERS - FIRSTLASTNAME, PHONE, ADDRESS, EMAIL, PASSWORD(MD5 HASH)

LOGINS FOR ACCESS PANEL IN DOMAIN AFFECTED INCLUDE:
Tutorial on how to assemble some parts of your planes(PDF FILES)
How to maintain some of your planes(PDF FILES)
Photos and names of accessories for creating and maintaining airplanes(PDF FILES)

Thank you for your attention, I hope we can do business if you are interested send me a private message.

 

[0x3a0]

Hello everyone, I am selling a database extracted from a domain of the Caremar in Italy.
I will list some information about the company in question:
Industry: Passenger Transport
About: https://en.wikipedia.org/wiki/Caremar

I'm selling:
25 ADMIN USERS - FULLNAME, EMAIL, USERNAME, PASSWORD(MD5 HASH)
52 AGENZIE USERS - EMAIL, PASSWORD(MD5 HASH)
24,500 CUSTOMER USERS - FULLNAME, TELEPHONE, EMAIL, PASSWORD(MD5 HASH)

Thank you for your attention, I hope we can do business if you are interested send me a private message.