A threat actor, Al-Sheikh, is selling the database of Unique Personnel, a South African recruitment agency, on a darkweb forum. The database allegedly contains:
User credentials from the tbl_auth_users table, including usernames, passwords, email addresses, and roles.
Client information from the tbl_clients table, which includes company names, contact details, and account-related data.
Job seeker details from the tbl_candidate_personal_info table, exposing names, birthdates, gender, ethnicity, education, and contact information.
The seller also shared a Pastebin link for further details and is encouraging interested buyers to contact them.
This breach exposes thousands of individuals and companies to risks such as identity theft, fraud, and phishing attacks.