A threat actor known as Evil_BYTE_Officiel has posted what they claim is a full database dump of the FNBT Maroc (Maghreb) in Morocco on a dark web forum. Unlike typical ransomware posts, this data was shared for free, encouraging anyone to download and exploit it.
According to the post, the leaked database contains sensitive corporate and contact details such as:
- Company IDs and registration numbers
- National and regional codes
- Business names and sectors
- Subscription amounts
- Responsible persons’ names
- Addresses, phone numbers, fax, GSM, city, and emails
A sample record in the post exposed individual names, business addresses in Rabat, phone numbers, and emails — data that could easily be used for fraud, targeted phishing, or competitive intelligence.
This incident highlights how criminal actors sometimes release valuable datasets not for ransom, but simply to build reputation or sow chaos. It also underlines the importance for businesses across Morocco and the broader Maghreb region to secure customer and partner data against breaches that can lead to long-term reputational harm.
CyHawk Africa will continue monitoring this leak and provide updates if more structured datasets or broader exploitation trends appear.