Dangerous Drugs Board Allegedly Breached, Sensitive Drug and Rehabilitation Records Exposed Online
A threat actor has claimed responsibility for a data breach involving the Dangerous Drugs Board (DDB), raising concerns over the security of sensitive government-held information.
The actor, identified as “Ch4nc3ll0rx_1337,” alleged that unauthorized access was gained to one of the agency’s web systems, leading to the exfiltration of approximately 900 MB of data. The dataset reportedly contains 1,719 documents associated with drug-related records, rehabilitation efforts, and cases of drug dependency.
Initial validation indicates that the exposed data includes several categories of sensitive information. These reportedly involve drug records, documentation from rehabilitation centers, reports of admission, and physician-related data tied to treatment and case handling.
Further analysis of the dataset shows a substantial volume of files. There are 1,161 report submission files in PDF and image formats, alongside 161 individual entries relating to drug users or dependents. Records tied to rehabilitation centers account for 288 files, each containing multiple data entries, including details of facilities and authorized personnel. Additionally, 24 files categorized under messages were identified, consisting of PDF, image, and Word document formats.
The threat actor also stated that the dataset contains both personal information and sensitive personal information, potentially affecting individuals undergoing rehabilitation and those involved in medical or administrative processes.
To support the claim, proof-of-compromise materials were released, including defacement screenshots and sample files, as well as a download link allegedly containing the exfiltrated data. These disclosures appear intended to demonstrate access and validate the breach.
As of this writing, there has been no official statement from the Dangerous Drugs Board regarding the incident.
