Capital Markets Elite Group, an independent financial services firm, has suffered a major data breach, exposing over 110GB of sensitive user information.
Personal documents, including driver's licenses and bank statements, were posted on a dark web forum last month by a hacker group known as “KryptonZambie.”
From our analysis, the stolen information has been traced to thousands of users, the majority of whom are from the United States, and the breach is being blamed on the company's inadequate security systems. The incident was reported last week.
The leaked documents allegedly include search certificates, tax returns, voter registration certificates, and Dow Jones Risk Center user information.
Even though the hacker did not explain how they obtained the data, the scale of the leak suggests significant vulnerabilities in the financial group's infrastructure.
The files vary in size, with some as large as 61MB, implying that users uploaded uncompressed high-resolution scans of personal documents.
According to rough estimates, this breach may have affected between 8,000 and 12,000 people.
The breach, which also exposed identification documents associated with other financial institutions, has raised widespread concerns about the risks to users.
Cybersecurity experts warn that criminals could use this vast amount of data to launch targeted phishing attacks or commit identity theft, potentially causing long-term harm to victims.
Hackers now have access to all types of personal information, making the leak especially dangerous.
One of the victims, whose information was included in the files, confirmed that the data was authentic, lending credibility to the breach.
The hacker group posted the files on a dark web forum, stating it include “all identification documents and bank statements” associated with the American Stock Exchange system through CMEliteGroup.
Capital Markets Elite Group has yet to issue a public statement responding to the breach or explaining what steps, if any, it intends to take to protect its users from further harm.
To be clear, this is not the largest leak we've seen; last month, we exclusively reported on 10 billion unique emails leaked by another hacker.
Disclaimer: This news article is based on internal investigations. Users are responsible for their reliance on the content herein. Hackerdose assumes no liability for the accuracy of the information or any consequences arising from its use.