Egypt Leaks (EG) Group Spills Financial Information from Egyptian Banks

A new cybercriminal group has been discovered targeting financial institutions located in Egypt. The group leaked a large volume of payment data concerning customers of Egyptian banks on the dark web.

The leak of financial information
Researchers from Resecurity are tracking the group as EG Leaks (aka Egypt Leaks).

The activity was first spotted in a Telegram channel created to leak Excel files carrying details of 12,229 credit cards.
The data contained valid details, including e-mail, billing address, first name/last name, bank name, and type of card of multiple customers.
The leaked information included signatures of possible script or parser scrapping entries that may have been used during data exfiltration.
The leak did not contained CVV or Track 2 data, however, it provided valid proof about the data being legitimate. The group is attempting to extort the affected consumers.

Affected banks

The leaked data references the PII of potential customers of major banks such as Credit Agricole Egypt, National Bank of Egypt, Banque Misr, HSBC Bank Egypt, and Alexbank, Bank of Alexandria.
The banking clients are primarily centered in Cairo (70%), Alexandria (12%), Aswan (8%), Giza (7%), Sohag (2%), and Luxor (1%). Additional customers were from Bahrain and Saudi Arabia.

Conclusion
Experts warn that leaked data could be used for identity theft and financial fraud. Hence, it is critical to take action and adequate steps, such as enabling 2FA, to reduce the risks. Additionally, law enforcement authorities are examining this incident for more information.