The Fulcrumsec group claims to have breached Analog Gold and its subsidiary, Prospector Portal, a US-based AI mining intelligence platform. According to the extortion group, the breach encompasses 2.2 terabytes of data across 52 S3 buckets, primarily exposing the complete commercial infrastructure of the platform alongside the sovereign government mining database of the Republic of Guyana (GGMC IMAPS). Fulcrumsec alleges that the breach occurred due to severe infrastructure misconfigurations, stating that the sensitive data of a sovereign nation was stored in the same AWS account as the startup’s staging logs and machine learning training data. The threat actor is currently leveraging a 58 GB “highlights package” to extort the company, noting that Analog Gold is currently in the midst of a pending $28 million asset sale to Exter Gold Corp.
The allegedly compromised data includes:
-
Full names
-
Tax Identification Numbers (TIN)
-
National Identification Numbers (NIN)
-
Passport numbers
-
Dates of birth
-
Phone numbers and email addresses
-
Full physical addresses
-
Company directorship information
-
Complete decision history and identities of named GGMC government officials
-
12,987 mineral license records with precise GPS polygon coordinates
-
Unreleased government planning data, including 41 proposed Amerindian land extensions
-
1,886+ proprietary NI 43-101 technical mining reports
-
Complete MySQL, PostgreSQL, and MSSQL database dumps
-
Machine learning models, SageMaker training data, and AI backend source code
-
Cleartext credentials including AWS access keys, Snowflake RSA private keys, Auth0 secrets, and database logins
Daily Dark WebRead More
T1
