What Happened
In 2025, the threat actor “Satanic” leaked data from Tracelo, a mobile geolocation tracking service, exposing over 1.4 million users’ records including full names, phone numbers, email addresses, passwords (with bcrypt hashes for some), physical addresses, login dates, Google ID numbers, subscription details, and location data, divided into three CSV files and posted on BreachForums. The breach stemmed from an attack in September 2024, with no public response from Tracelo, heightening risks of phishing, vishing, scams, identity theft, and unauthorized tracking. No confirmed connection exists to a specific “URL-LOGIN-PASS SATANIC PRIVATE” dataset in 2025, though “Satanic” was linked to separate URL-login credential leaks (e.g., 900M records from cloud/Telegram sources, 2.5M private URLs on January 2, 2025) without precise dates or company ties matching the query.
