Hackers put 8M records of Mexicans’ debt data up for sale


A cybercriminal claims to be selling a massive database of over eight million records containing the personal details of Mexican debtors.

The threat actor claims to have infiltrated Mexican debt collection institutions, which specialize in recovering overdue payments from customers.

“Today I bring a fresh leak from Mexico. This time, it’s the database of Mexican bank debtors,” the post on a well-known cybercrime forum read.

According to the claims, the dataset contains over eight million lines of sensitive personal and financial data covering the years from 2023 to 2025. The threat actor set a price tag on the dataset for interested buyers.

“The database belongs to a group of collection agencies, which I will not mention because I still have access to their systems,” says the threat actor.

They provided data samples of the stolen dataset, which the Cybernews research team has inspected.

What data was allegedly stolen?

  • Full name
  • Debt amounts
  • Full address
  • Date of birth
  • CURP (Clave Única de Registro de Población) – Mexico’s identification number for individuals
  • Telephone number
  • Bank
  • Financial product
  • Date of assignment of overdue portfolio

Potentially exposed CURP numbers are a particular cause of concern. CURP is an ID number provided by the Mexican government to Mexican citizens and residents. It serves a similar purpose to the Social Security number in the US.

In the hands of threat actors, a CURP number could be exploited for identity theft and fraud. From gaining access to further sensitive information to impersonating a person to open bank accounts, quite a few illegal activities are possible that can put victims at risk.

“The data leak could lead to identity theft, fraud, and social engineering attacks. However, based on the sample alone, it is not fully clear how the data was obtained or where it came from,” our researchers explained.

Mexican data exposed

This isn’t the first time that Mexican nationals' data has been dumped online. Nearly nine million personal records of Mexicans were previously exposed in a massive leak from an unknown source, as Cybernews uncovered in May.

In November last year, the Government of Mexico was the victim of an apparent ransomware attack, as the RansomHub cybercriminal gang claimed to have breached the nation’s official federal website.

The Mexican government’s gob.mx website address was posted on the ransomware group’s leak site on the dark web. The Russian-linked cartel claimed to have exfiltrated 313GB of information from the website’s servers.

Cybernews research also discovered that over five million patients in Mexico were left at risk following a data leak from the hospital's information systems caused by a missing password.

The leaked database contained 500GB of sensitive data, which exposed 5.3 million individuals across Mexico – around 4% of the country’s population.

Screenshot of the threat actor's claims.
Screenshot by Cybernews.
