Tenacious Marketing USA, a California-based company providing printing, graphic design, and marketing services, has allegedly suffered a significant data breach. A threat actor has posted a database containing what they claim are 414,000 unique user records for sale on a dark web forum. The company, which handles marketing and distribution for its clients, appears to have had sensitive customer relationship management (CRM) data exposed.
The data was advertised on a popular hacking forum and includes a wide array of personally identifiable information (PII) and highly sensitive details. The sample data provided by the seller suggests the information pertains to individuals who may have been involved in accidents, potentially for lead generation purposes for law offices. The exposure of such personal data puts the affected individuals at a severe risk of targeted phishing attacks, identity theft, and other fraudulent activities.
The threat actor claims the breach contains a large volume of records, and the sample data indicates the types of information allegedly compromised include:
- Full Name
- Phone Number and Mobile
- Full Address (Address 1, City, State, Zip Code)
- Email Address
- Date of Birth
- Accident State and Category
- Date of Injury
- Hospital Name
- Law Office Details
- Lead Status
