Dark Web News Analysis
Dark web reporting describes a targeted data sale involving Mercantil, a prominent Chilean corporate directory service. A threat actor on a hacker forum is selling a database allegedly containing 412,000 corporate records.
The seller is asking $904 USD for the dataset, encourages the use of an escrow service, and communicates via encrypted apps such as Telegram and Session. The database is described as highly detailed, containing 18 fields per entry. These fields include Legal Identities, Geographic Data, Direct Phone/Email Lines, and, critically, Executive Representative Details. This suggests the data provides a deep structural map of the Chilean business landscape.
Key Cybersecurity Insights
Breaches of corporate directories are “Tier 1” Business-to-Business (B2B) threats because they provide the raw material for sophisticated social engineering at scale:
- CEO Fraud (Whaling): The exposure of Executive Representative Details alongside Direct Phone Lines is the primary danger. Attackers can use this data to impersonate a CEO or CFO, contacting finance departments with urgent wire transfer requests (Business Email Compromise). The accuracy of the data (using real names and titles) makes the deception difficult to spot.
- Supply Chain Phishing: Because Mercantil is a directory of suppliers and businesses, attackers can use the data to launch “Supply Chain” attacks. They can pose as a listed vendor and send fake invoices or malware-laden “Product Catalogs” to thousands of potential partners found in the database.
- Corporate Identity Theft: The inclusion of Legal Identities allows criminals to impersonate companies in official capacities—for example, filing fraudulent tax returns or applying for government grants in the victim company’s name.
- The “Escrow” Factor: The seller’s insistence on Escrow and the specific price point ($904) suggest the data is likely high-quality and verified, rather than a messy public scrape. This attracts professional cybercriminals looking for reliable leads.
Mitigation Strategies
To protect the Chilean business community, the following strategies are recommended:
- Verification Protocols: Finance teams in listed companies should strictly verify any payment request coming from executives via secondary channels (e.g., a voice call on a known internal line), especially if the request involves “urgent” foreign transfers.
- MFA Enforcement: Implement Multi-Factor Authentication (MFA) on all corporate email accounts to prevent attackers from hijacking the executive identities exposed in the leak.
- Data Scrubbing: Companies listed on Mercantil should review their public profiles and request the removal of sensitive direct lines or private executive emails if they are not necessary for public business.
- Phishing Simulation: Conduct security training specifically focused on B2B scams, teaching employees to scrutinize unsolicited invoices or partnership offers.
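The verification protocol above can be backed by a mail-side check. The following is an added example, not part of the original post: it flags inbound messages whose display name matches an executive exposed in the directory listing but whose address is outside the company's own domains. The executive names, domains, urgency terms and sample messages are constructed assumptions.

```python
import unicodedata
from email import message_from_string
from email.utils import parseaddr

# Constructed watchlist: executive names as exposed in a public directory listing,
# plus the domains the company really sends mail from (all values are made up).
EXECUTIVES = {"maria gonzalez rojas", "juan perez soto"}
TRUSTED_DOMAINS = {"empresa.example"}
URGENCY_TERMS = ("urgente", "urgent", "transferencia", "wire transfer")

def normalize(text):
    """Lower-case, strip accents and collapse whitespace before comparing names."""
    decomposed = unicodedata.normalize("NFKD", text)
    plain = "".join(c for c in decomposed if not unicodedata.combining(c))
    return " ".join(plain.lower().split())

def domain_of(address):
    """Return the lower-cased domain part of an e-mail address ('' if none)."""
    return address.rpartition("@")[2].lower()

def assess(raw_message):
    """Return the reasons a message needs out-of-band verification (empty if none)."""
    msg = message_from_string(raw_message)
    display, address = parseaddr(str(msg.get("From", "")))
    # Mail that claims a trusted domain is left to SPF/DKIM/DMARC, not to this check.
    if normalize(display) not in EXECUTIVES or domain_of(address) in TRUSTED_DOMAINS:
        return []
    reasons = ["executive display name on an external address"]
    _, reply_to = parseaddr(str(msg.get("Reply-To", "")))
    if reply_to and domain_of(reply_to) != domain_of(address):
        reasons.append("Reply-To points to a different domain")
    if any(term in normalize(str(msg.get("Subject", ""))) for term in URGENCY_TERMS):
        reasons.append("urgent payment wording in subject")
    return reasons

# Constructed sample messages.
SPOOFED = ('From: "Maria  GONZALEZ Rojas" <direccion@correo-externo.example>\n'
           "Reply-To: pagos@otro.example\n"
           "Subject: URGENTE: transferencia hoy\n\nFavor procesar de inmediato.\n")
LEGIT = ("From: Maria Gonzalez Rojas <mgonzalez@empresa.example>\n"
         "Subject: Reunion de directorio\n\nAdjunto la agenda.\n")

if __name__ == "__main__":
    for label, raw in (("spoofed", SPOOFED), ("legit", LEGIT)):
        print(label, assess(raw))
```

A non-empty result is a trigger for the secondary-channel callback, not a verdict on its own.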
Questions or Feedback?
For expert advice, use our ‘Ask an Analyst’ feature. Brinztech does not warrant the validity of external claims. For general inquiries or to report this post, please email us: contact@brinztech.com