Ransomware group Icarus hits thecreditpros.com

TheCreditPros' Salesforce instance was breached and 263MB of data were taken from it, including: 01_input_fullcards.csv - 51,691 lines of full-info credit/debit cards: Id,First_Name__c,Last_Name__c,Middle_Name__c,Email__c,Credit_Card__c,CCV__c,Exp_Month__c,Exp_Year__c,SSN__c,DOB__c,Street_Address__c,City__c,State__c,Zip_Code__c,Mobile_Number__c,IP_Address__c,Transaction_ID__c,Status__c,CreatedDate 02_contacts_ssn.csv - 847,990 lines: Id,Name,FirstName,LastName,Email,Phone,MobilePhone,HomePhone,SSN_hidden_field__c,Birthdate,MailingStreet,MailingCity,MailingState,MailingPostalCode,Status__c,Bank_Account_Number__c,Bank_Name__c,Bank_Account_Type__c,CreatedDate 03_creditcards.csv - 722,403 lines: Id,Card_number__c,card_number_hidden__c,cvv__c,expiration_month__c,expiration_year__c,Active__c,BIN__c,Issuing_Bank__c,Prepaid__c,CreatedDate 04_leads.csv - 3,598 liens: Id,Name,FirstName,LastName,Email,Phone,MobilePhone,Street,City,State,PostalCode,Status,CreatedDate Pay or leak! Data stolen: PII, Credit cards

Posted by the Icarus threat actor on its public leak site. This is the group's own statement and has not been independently verified by HackerFeeds.