What Happened
In 2023, belielektronik.rs, an online electronics store in Serbia, suffered a data breach when hacker “sumo” gained unauthorized access to a database containing approximately 664MB of sensitive information, including IDs, Taxpayer Identification Numbers (NIP), names, dates, remarks, previous remarks, differences, reductions, confirmations, ranks, positions, job types, TPPs, TMT absences, and unit codes. InsecureWeb’s dark web scanning team detected the incident in August 2023, after which the stolen data was published on the dark web forum Cronos.li. Additional compromised datasets from the same breach included about 353MB with unique identifiers, NIP, names, dates, job types, TPP, TMT, absences, and sequence numbers, plus 331MB featuring user IDs, titles/positions, names, surnames, emails, passwords, telephone numbers, dates, confirmations, and GDPR consent forms. No specific number of affected records was reported, but the exposure of this personally identifiable information posed significant risks for identity theft and fraud.
