Krece, a Venezuelan financing and fintech application that allows users to purchase Android smartphones and other tech products in installments, has allegedly suffered a massive data breach. The incident reportedly involves the compromise of highly sensitive user and financial data, which was subsequently posted on a leak forum by a threat actor.
According to the actor, the leak contains over six million highly confidential records stored in JSON format, encompassing unique sales, store profiles, payment methods, debtor histories, and transaction logs. The allegedly compromised data includes:
-
Full names
-
Email addresses
-
Phone numbers
-
Physical store locations and addresses
-
National ID and tax identification numbers (RIF)
-
Device details (including IMEI numbers and specific smartphone models)
-
Financial transaction data (including debt amounts, payment histories, bank names, and account numbers)
-
Internal API keys and client IDs
Daily Dark WebRead More
R1
T1
