A dark web post was published by the threat actor “@IntelBroker”, claiming responsibility for breaching and obtaining the complete source code of both the Washington DC Department of Motor Vehicles (DMV) and IAAI.com, a major auction website. The post details the extent of the breach, which reportedly includes data ranging from 2018 to 2024.
The threat actor’s announcement lists a comprehensive set of projects, including sensitive modules such as “WashingtonDMV,” “AuctionCenter,” and “B2BAssignments.WebSvc.” Additionally, the source code reportedly contains hardcoded credentials.
Some of the notable projects mentioned include:
- ASAP.TitleService
- BluePayBuyerPaymentService
- CoreTrackStateMachine
- IAAI.OnYardDataSVC
- Legacy.NQ
- BRACAppTest
- ExpenseManagement
According to the post, the stolen data is available for purchase via XMR (Monero). The threat actor provided several contact methods for potential buyers, including Keybase and XMPP, and expressed openness to using a middleman to facilitate the sale.
The post IntelBroker Allegedly Breached Washington DC DMV and IAAI appeared first on Daily Dark Web.