{
	"id": "7351d03e-3549-4d67-8b7d-b929597e7d04",
	"created_at": "2026-04-06T00:14:26.920964Z",
	"updated_at": "2026-04-10T13:11:45.878808Z",
	"deleted_at": null,
	"sha1_hash": "47ed7dac1165bb7c22f8a120954a6f3d55fbedee",
	"title": "U.S. Faces Cyber Onslaught: Fico Breach, ID, CC, Military Data Sale",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 40543,
	"plain_text": "U.S. Faces Cyber Onslaught: Fico Breach, ID, CC, Military Data\r\nSale\r\nPublished: 2024-04-01 · Archived: 2026-04-05 16:32:55 UTC\r\nExplore the latest dark web threats uncovered by SOCRadar’s Dark Web Team. From breaches affecting major\r\ncorporations such as Fico to the sale of sensitive data, the digital underworld continues to pose significant risks.\r\nReceive a Free Dark Web Report for Your Organization:\r\nJustEvil Claims to Have Obtained Sensitive Data from BAE Systems\r\nThe SOCRadar Dark Web Team has identified a concerning development involving the threat\r\ngroup/actor JustEvil aka KillMilk. According to reports, JustEvil claims to have successfully accessed sensitive\r\npersonal data belonging to UK defense personnel from BAE Systems. This data allegedly includes resumes,\r\nprofessional certifications, and job roles, potentially exposing individuals to identity theft, phishing attacks, and\r\nother cyber threats.\r\nIdentity Documents of American Citizens are on Sale\r\nIn another alarming discovery, our team observed the sale of identity documents of American citizens on a hacker\r\nforum. This data, which includes names, addresses, Social Security numbers, and phone numbers, poses a high\r\nrisk of identity theft, financial fraud, and reputational damage for affected individuals.\r\nCredit Cards Belonging to the United States are on Sale\r\nFurther exacerbating the situation, stolen credit cards belonging to individuals in the United States have been\r\nspotted for sale on the dark web. With over 100 cards in stock and priced at $13 per card, this development\r\nsignals a potential data breach at financial institutions or payment processors, highlighting the urgent need for\r\nenhanced security measures and vigilance.\r\nUSDoD Exposes Fico.com Database\r\nA major threat surfaced, idle for a long time; USDoD came back to the cybercrime arena. An alleged data breach\r\ninvolving FICO, a major analytics software company was shared by the threat actor on a hacker forum. The\r\nleaked database reportedly contains personal and professional information of individuals associated with FICO,\r\nraising serious concerns about data security and privacy.\r\nCyber Niggers’ Alleged US Military Files\r\nLastly, the threat group CyberNiggers has purportedly released US military files, including precompiled JARs and\r\ncertificate files belonging to the Air Force and Navy. This breach underscores the ongoing risks of insider threats\r\nhttps://socradar.io/u-s-faces-cyber-onslaught-fico-breach-id-cc-military-data-sale/\r\nPage 1 of 2\n\nand unauthorized access to sensitive military data, necessitating comprehensive security measures and\r\ncollaboration among stakeholders.\r\nThese developments highlight the dynamic and evolving nature of cyber threats on the dark web. Organizations\r\nmust remain vigilant, implement robust security protocols, and leverage threat intelligence solutions like\r\nSOCRadar to detect and mitigate risks effectively.\r\nPowered by DarkMirror™\r\nGaining visibility into deep and dark web threats can be extremely useful from an actionable threat intelligence\r\nand digital risk protection perspective. However, monitoring all sources is simply not feasible, which can be time-consuming and challenging. One click-by-mistake can result in malware bot infection. To tackle these challenges,\r\nSOCRadar’s DarkMirror™ screen empowers your SOC team to follow up with the latest posts of threat actors and\r\ngroups filtered by the targeted country or industry.\r\nSource: https://socradar.io/u-s-faces-cyber-onslaught-fico-breach-id-cc-military-data-sale/\r\nhttps://socradar.io/u-s-faces-cyber-onslaught-fico-breach-id-cc-military-data-sale/\r\nPage 2 of 2",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"MISPGALAXY",
		"Malpedia"
	],
	"origins": [
		"web"
	],
	"references": [
		"https://socradar.io/u-s-faces-cyber-onslaught-fico-breach-id-cc-military-data-sale/"
	],
	"report_names": [
		"u-s-faces-cyber-onslaught-fico-breach-id-cc-military-data-sale"
	],
	"threat_actors": [
		{
			"id": "80edca9f-dcd6-491e-92f3-87ad1f575631",
			"created_at": "2023-10-14T02:03:14.694988Z",
			"updated_at": "2026-04-10T02:00:05.021046Z",
			"deleted_at": null,
			"main_name": "NetSec",
			"aliases": [
				"NetSec",
				"Operation Data Breach",
				"ScarFace_TheOne",
				"USDoD"
			],
			"source_name": "ETDA:NetSec",
			"tools": [],
			"source_id": "ETDA",
			"reports": null
		},
		{
			"id": "82a51997-1402-41c3-86df-6f9e522b2ba8",
			"created_at": "2024-04-27T02:00:03.554045Z",
			"updated_at": "2026-04-10T02:00:03.63698Z",
			"deleted_at": null,
			"main_name": "USDoD",
			"aliases": [],
			"source_name": "MISPGALAXY:USDoD",
			"tools": [],
			"source_id": "MISPGALAXY",
			"reports": null
		}
	],
	"ts_created_at": 1775434466,
	"ts_updated_at": 1775826705,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/47ed7dac1165bb7c22f8a120954a6f3d55fbedee.pdf",
		"text": "https://archive.orkl.eu/47ed7dac1165bb7c22f8a120954a6f3d55fbedee.txt",
		"img": "https://archive.orkl.eu/47ed7dac1165bb7c22f8a120954a6f3d55fbedee.jpg"
	}
}