We previously reported on a threat actor sharing login credentials tied to Algeria’s ECCP platform. In a concerning follow-up, the threat actor known as sanji_shi5 has now posted more sensitive data on the dark web, this time targeting individual Algerian citizens directly.
According to the post, the leaked data covers:
- National ID cards
- Passports
- Driving licenses
- Additional government documents
The hacker also dropped multiple Telegram links where these files can allegedly be accessed. While this leak involves just three individuals, it highlights how quickly attackers move from compromising login details to exposing highly personal records.
It is a stark reminder that breaches don’t always stop at initial access,; attackers often escalate to dumping more sensitive data, putting citizens at greater risk of identity theft and fraud.
CyHawk Africa will keep tracking these developments and continue to advocate for stronger security around national data systems and personal records in Algeria and across North Africa.
Read our initial report on the ECCP credentials breach here