A threat actor, sanji_shi5, posted on a dark web forum, claiming to have exposed login credentials linked to ECCP accounts, the online platform that lets Algerians check their Algeria Post balances and make purchases.
According to the post, the leaked data includes multiple user identifiers and access details that could allow cybercriminals to log into ECCP accounts and potentially misuse customer balances or personal information. A snippet of the data shared in the forum already contained several account references and associated strings that appear to be partial login details.
The attacker provided a small sample for download, inviting others to explore or purchase more. This incident highlights ongoing concerns around the security of financial and postal platforms in Algeria, especially those handling personal user data.
As of now, Algeria Post has not issued an official statement on the breach. Users are strongly advised to monitor their ECCP accounts for any suspicious activities, update their passwords, and stay alert to phishing attempts.