Keymous

🇲🇦 A threat actor operating under the name “Keymous Plus” is claiming to have leaked candidate-related data associated with Morocco’s Ministry of Foreign Affairs. According to the post, the exposed dataset allegedly contains: • full names • registration numbers • candidate records • approximately 8,440 entries While the leak appears relatively limited in volume compared to large-scale database breaches, the sensitivity comes from the nature of the targeted institution and the potential exposure of: • government recruitment pipelines • applicant identification data • diplomatic staffing information • internal administrative processes Leaks involving foreign affairs ministries are especially significant because they may enable: • targeted phishing campaigns • impersonation attempts • recruitment-focused social engineering • intelligence gathering on government personnel • profiling of diplomatic candidates or applicants The screenshot suggests the actor is publicly distributing: • structured candidate lists • registry identifiers • downloadable archive content Even limited datasets from government ministries can become valuable for adversaries when combined with: • OSINT enrichment • LinkedIn/social media correlation • credential reuse attacks • spear-phishing infrastructure This incident also aligns with a broader trend of politically motivated or hacktivist-style actors increasingly targeting: • public sector institutions • election systems • diplomatic organizations • government HR/recruitment systems The reference to “sharing” rather than direct monetization may indicate: • ideological motivations • influence operations • reputation-building within underground communities • regional geopolitical signaling At this stage, the claims remain unverified. However, government-affiliated personnel datasets should always be treated as sensitive due to their potential use in follow-on targeting and intelligence operations. 🇲🇦 #DDW #Intelligence #Morocco #CyberSecurity #DataBreach #DarkWeb #ThreatIntelligence #Government #OSINT #CyberThreats #Hacktivism #Infosec

‼️🌐 District Health Information Software (DHIS2) allegedly breached: access shared to national health systems across more than 30 countries serving 3.2 billion people A threat actor is sharing access touching the District Health Information Software (DHIS2) instances of more than 30 national ministries of health. DHIS2 is the world's largest open-source health management information system (HMIS) platform, used by over 75 countries to manage data for 3.2 billion people, supporting national health information systems, disease surveillance, vaccine tracking, and supply logistics. The actor states the affected systems are the main administrative data of record for monitoring public health services, tracking case-based epidemics, outbreak responses, and immunization programs, and include WHO-configured metadata packages for HIV, TB, and Malaria. ▸ Actor: Keymous ▸ Sector: Government / Public Health Information Systems ▸ Type: Access / Data Breach ▸ Records: National HMIS platforms covering more than 30 countries ▸ Countries: Burundi, Eritrea, Ethiopia, Kenya, Rwanda, Tanzania, Uganda, Zambia, Zanzibar, Benin, Burkina Faso, Ghana, Guinea, Liberia, Mali, Mauritania, Niger, Nigeria, Senegal, Sierra Leone, Cameroon, Chad, Equatorial Guinea, Botswana, Eswatini, Lesotho, Madagascar, Malawi, Mauritius, Mozambique, Namibia, Bangladesh, Bhutan, Nepal, Sri Lanka, Cambodia, Myanmar, Costa Rica, El Salvador, Guatemala, Honduras, Nicaragua, Panama (additionally listed as under check: Morocco, Iraq, Lebanon) Compromised data: ▪ Main administrative data of record for national public health services ▪ Case-based epidemic monitoring and outbreak response data ▪ Immunization program data ▪ WHO-configured metadata packages for HIV ▪ WHO-configured metadata packages for TB (Tuberculosis) ▪ WHO-configured metadata packages for Malaria ▪ Disease surveillance feeds ▪ Vaccine tracking data ▪ Supply logistics records ▪ Access touching the ministries of health for Honduras, Bhutan, Mozambique, Sierra Leone, Liberia, Nigeria, and other countries listed above Stop guessing what's redacted. Subscribers see everything → https://t.co/281Qjc6WSh