Chum1ng0 - Security Research 

Cuba: 63,564 AIS Remittances Clients' information was exposed on an unsecured server.

What did the unsecured server expose?

Customer affidavits, IDs, and debit cards.

The affidavits contained:

This affidavit contained client information, such as: name, mobile phone number, telephone number, email address, address, country, province, city, town, postal code, date of birth, country of birth, passport number, country of issue, and expiration date.

You may also notice that there was a section called "Beneficiaries," which included the beneficiary's name, their ID number, and the reason for the transfer, which in all cases was "family support."

I tried to notify the company, but their aisremesascuba email address was unavailable. I notified CIMEX S.A., and within a few days, access was blocked.

Those affected (Customers) by this breach may be at risk of scams because the server has been exposed since March 2025.

https://www.security-chu.com/2025/10/AIS-Remesas-Cuba-%20expone-145GB-en-servidor-sin-seguridad.html

#Cuba #cybersecurity #databreach #misconfiguration

Chile: Bashe ransomware robó 10GB de datos a SEIT y filtró correos de Pacific Reps

Ciberseguridad-Noticias- Latinoamérica: Bashe ransomware atacó a esta empresa chilena

Oct 22 at 9:39pmWeb
Show threadDissent Doe  Oct 22
@chum1ng0 Good job getting it closed down.