Deformed_SAS

🇷🇸 A threat actor is claiming to possess a massive “72 million” record dataset allegedly linked to Serbian telecommunications providers, prominently referencing Telekom Srbija and multiple regional telecom operators. The exposed fields shown in the listing allegedly include: • Full names • National ID/JMBG-related identifiers • Addresses • Mobile phone numbers • Partner/customer IDs • Installation/service details • Device serial numbers • Employee and distributor information • Service package and infrastructure metadata The post references several major Serbian telecom and ISP brands, including: • Telekom Srbija • Yettel Serbia • CETIN Serbia • A1 Serbia • SBB • Orion Telekom • YUNET At this stage, the authenticity, origin, and actual scale of the dataset remain unverified. The claimed volume appears unusually large relative to Serbia’s population, which may indicate: • Aggregated multi-source telecom datasets • Historical/internal infrastructure records • Duplicated entries • Scraped operational data • Inflated claims for attention or resale value If legitimate, the exposure could create significant risks: • SIM swap targeting • Telecom fraud • Identity theft • Social engineering campaigns • Infrastructure reconnaissance • Insider targeting • Credential-reset abuse using subscriber information Telecom providers and affected organizations should: • Monitor for unusual account recovery activity • Increase anti-SIM-swap protections • Audit exposed internal operational systems • Review third-party/vendor access • Monitor dark web resale channels and credential markets • Alert customers regarding phishing risks No official confirmation regarding the alleged dataset has been publicly identified at this time. #DDW #Intelligence #Serbia #Telecom #CyberSecurity #DarkWeb #DataBreach