🚨 STRATEGIC CYBER INTELLIGENCE ALERT: ALLEGED DATA EXFILTRATION AND REAL-TIME COMPROMISE — GRIDO 🇦🇷 🇨🇱 🇵🇾 🇵🇪 🇺🇾
⚠️ EXPOSURE OF PURCHASING AND LOGISTICS DATABASE WITH ~4.9 MILLION RECORDS (SAMPLES FROM ARGENTINA, CHILE, PARAGUAY, PERU, AND URUGUAY)
[STATUS: UNCONFIRMED / UNDER INVESTIGATION / SALE OF ACTIVE SYSTEM ACCESS / HIGH RISK OF SOCIAL ENGINEERING AND PHISHING]
Through active monitoring of clandestine cybercriminal forums (DarkForums), a post made on May 27, 2026, by the threat actor cantpwn, a member of the L4TAMFUCK3RS group, was detected. In the manifesto, the alleged complete customer database of the Grido franchise chain is offered for sale, covering operations in multiple Latin American countries.
The leak reportedly includes approximately 4.9 million lines of data (2.3 GB) in JSON format for $500 USD. Additionally, the attacker claims to have persistent, real-time access to the data source (which they are selling for $300 USD), implying that new customer orders are still being actively compromised. The group concludes with a direct threat to their next target: Peru.
🎯 Affected Entity: Grido (Ice cream/food chain with a regional presence).
👤 Threat Actor: L4TAMFUCK3RS
📂 Volume and Scope: ~4.9 million records / 2.3 GB (JSON format and historical data packaged in RAR).
📊 Technical Breakdown and Allegedly Compromised Assets
If the batch is validated, the leak would not expose generic credentials, but rather the commercial activity, geolocation data, and specific consumption habits of millions of users in Latin America:
1. 👤 Personally Identifiable Information (PII)
Direct contact information: Full names, mobile phone numbers linked to accounts, and personal email addresses (e.g., Gmail, Hotmail).
Geolocation and Residential Logistics: Delivery addresses (street, number, apartment, building, city, state, and country) used for home deliveries.
2. 🛍️ Operational and Consumption Metadata
Transaction history: Unique order identifiers (Order IDs), exact timestamps (date and time), amounts billed in local currency, and specific branches responsible for preparing the order.
Logistics Traceability: Order status (e.g., "Shipped," "Received") and purchase method (Delivery or Takeaway).
3. 💳 Payment and Platform Information
Payment Gateways: Selected payment methods (Cash or Online Payment) accompanied by reference numbers or digital financial transaction tokens.
Device Fingerprint: Client operating system type (Android or iOS) along with the exact version of the application used (e.g., versions 5.7.0 and 5.5.7), exposing the attack surface of the users' mobile environment.
🛡️ Mitigations and Emergency Recommendations
🛑 Preventive Audit of APIs and Backend (Global Priority): Immediately monitor and investigate the access points that process and store the daily data loads in .json format mentioned in the manifest, looking for anomalies in traffic exfiltration.
🔒 Third-Party Access and Credential Review: Conduct a security audit of billing systems and mobile dispatch platforms to detect potentially compromised credentials or anomalous persistent sessions.
⚡ Monitoring and Evaluation
🌐 Intelligence System: https://t.co/wk9bZJ2Nli
🛡️ Quickly assess your website's security with: https://t.co/YnDw1QjN9c
#CyberSecurity #DataLeak #Latam #GridoLeak #DarkForums #ThreatIntelligence #CyberAlert #VECERT #DataBreach #UnderInvestigation
🚨 STRATEGIC CYBERINTEL ALERT: ALLEGED LEAK OF POLICE DATA, CREDENTIALS, AND BIOMETRICS — BUENOS AIRES CITY POLICE 🇦🇷
⚠️ THREAT ACTOR "SKULL1172" (#ESQUELESQUAD) EXFILTRATES 2 GB OF SENSITIVE DATA, FACIAL PHOTOGRAPHS, AND ACCESS LOGS — WHAT APPEARS TO BE "PART 2" OF A PREVIOUS LEAK
[STATUS: UNDER INVESTIGATION; NO OFFICIAL CONFIRMATION]
Through the monitoring of underground forums, a critical post was detected today, authored by the threat actor known as Skull1172.
The attacker announces "Part 2" of a data leak targeting the Buenos Aires City Police, claiming to possess 2 GB of data exfiltrated recently (dated 2026). The severity of this breach lies in the level of detail within the exposed information: it includes not only confidential documents, transaction records, and prisoner data, but also exposes a structured registry of police officers—complete with their facial photographs in Base64 format—alongside passwords for government portals.
🎯 Affected Entity: Buenos Aires City Police (Security Forces / Public Sector, Argentina 🇦🇷).
👤 Threat Actor: Skull1172 / #EsqueleSquad.
📂 Exfiltrated Volume: 2 GB (JSON Format).
⚙️ Incident Type: Institutional Database Exfiltration, Credential Theft (Infostealer), and Biometric Data Breach.
⚠️ Verification Status: The provided samples (PROOFS) include screenshots of the police intranet displaying the photograph and personnel file of Officer Luis Carlos Sena, as well as actual JSON dumps containing the CUIL, DNI, police ranks, and email addresses of multiple officers.
📊 TECHNICAL BREAKDOWN AND IMPACT VECTORS
Analysis of the samples provided by the threat actor reveals two distinct vectors of compromise that have converged in this data leak:
🪪 Personnel Database Breach (HR/Operations):
The JSON dump exposes the complete profiles of officers: Internal ID, Personnel File Number (LP), National ID (DNI), Tax ID (CUIL), Rank (Grade), Full Name, and multiple email addresses (@policiadelaciudad.gob.ar, @buenosaires.gob.ar, and personal accounts), along with direct mobile phone numbers.
The inclusion of facial photographs (Base64-encoded within the full database dump) irremediably compromises the physical identity of agents operating in sensitive divisions (e.g., Urban Transport Security, Investigations).
🛡️ MITIGATION AND PREVENTIVE RECOMMENDATIONS
🛑 Mass Credential Rotation and Access Revocation: The Ministry of Justice and Security of the City of Buenos Aires must force a password reset across all web portals (https://t.co/c17sNtveO9 and https://t.co/3yojzRwwxg), implementing mandatory Multi-Factor Authentication (MFA) that does not rely on SMS (given that phone numbers were also leaked).
🔒 Alert to the Financial System (BCRA): Notify the Argentine banking network to flag the National IDs (DNI) and Tax IDs (CUIL) of the exposed officers on enhanced monitoring lists, requiring in-person validation for the opening of any new credit products.
#CyberSecurity #DataBreach #Argentina #PoliciaDeLaCiudad #EsqueleSquad #BiometricLeak #Infostealer #IdentityTheft #ThreatIntelligence #CiberAlerta #VECERT #Infosec
📅 Today, the first Thursday of May, is World Password Day (#Contraseñas).
🔑 The National Cryptologic Centre #CCN has published the report "Uso y gestión de contraseñas" ("Use and management of passwords") on its #ciberseguridad (cybersecurity) training portal ÁNGELES.
More information 👉 https://t.co/vQpwV7jmbp
If you want to make thumbnails like these, you just have to use this template:
Create a YouTube thumbnail in 16:9 format with a very large main subject and an exaggerated expression of [surprise / fear / excitement / confusion].
The scene shows [main topic] with visual elements such as [red arrow / circle / green check mark / red X / danger symbol / stamp / counter / map / zoom / blur].
Include large, clear text that says: “[SHORT, POWERFUL TEXT]”. Professional thumbnail style, high contrast, clean, very eye-catching and designed to look good on mobile.
We’ve identified a security incident that involved unauthorized access to certain internal Vercel systems, impacting a limited subset of customers. Please see our security bulletin:
https://t.co/0S939n3qHC
🌎💚 GeoCositas is growing more and more, so I decided to update it again 👉 https://t.co/6sRX3xRnV7 🎉🤯
This time I decided to change the interface to make it friendlier for students and easier to navigate, and I also took the opportunity to change some technical aspects.
CNEA ON THE ATENEA MICROSATELLITE
The Argentine microsatellite ATENEA will be part of NASA's crewed Artemis II mission. CNEA supplied the solar panel system, which will be tested under higher radiation outside the Earth's atmosphere.
The Argentine Republic will be the only country in Latin America with a direct presence in the mission, whose objective is the human return to the Moon.
In the end, the threat was carried out 👇
The analysis will take time but, at first glance, there is a lot of old data and, in some cases, a set narrowly limited to a few provincial institutions.
There are files with personal and financial data in TXT/JSON/CSV, and photos.
With the input and suggestions of several colleagues from different political parties, we have released a new update, now also with watersheds, at https://t.co/cSw7vWsSjn
To view them, you only need to enable the corresponding "button".
You can now see the map with the Ianigla inventory, mining projects and watersheds.
🇦🇷🚨 #Argentina the group “CHRONUS TEAM” announced that on March 30 it will publish breaches of Argentine institutions.
Many of them are of critical institutions. It will probably be the largest leak in Argentine history
Cc: @Marce_I_P
To receive up-to-date information on soil water content, crop condition, the occurrence of extreme events, monthly reports and much more, join our WhatsApp channel: Herramientas Satelitales SEPA INTA 🌻🛰️ 🌎🌾 https://t.co/9EOC9tdCJO!