The ticketing platform DeBoleto.mx has confirmed that it was the target of a cyberattack that resulted in the exposure of personal data of over 84,000 users in Mexico. Christopher Mendoza, the company's director, communicated to Publimetro Mexico that the leakage of clients' private information was detected. To counter this situation, the affected individuals have been notified, relevant authorities have been informed, and a forced password change has been implemented as a security measure. Additionally, the digital infrastructure has been reinforced to prevent future incidents, and it has been confirmed that financial information was not compromised.
Regarding the leakage, it has been verified that the exposed records contain data of purchases made through Openpay, the payment processor for DeBoleto.mx. This data could be used by cybercriminals to carry out financial phishing attacks, where legitimate communications are simulated to deceive victims and obtain their banking information.
The leakage in question was detected after the complete database of DeBoleto.mx appeared on clandestine hacker forums, where anyone can access it to download or acquire the information. Five key files have been identified which reveal detailed information about each user, such as personal data, purchase history, and configuration of acquired events, among others. The first hacker to leak this database was Nick Diesel, known for publishing data of Mexicans on the dark web and for having sold databases from various institutions in the past.
Cybersecurity experts have pointed out that, despite DeBoleto's assurance that banking data was not compromised, attackers could exploit this information to commit identity theft and scam affected users. Victor Ruiz, a certified cybersecurity analyst and founder of SILIKN, previously warned that such leaks pose a significant risk, as they can facilitate phishing attacks directed at the same users of the platform.
