Dark Web News Analysis
A threat actor on a known cybercrime forum is advertising the alleged sale of a database belonging to APMEX (American Precious Metals Exchange), one of the largest online retailers of gold and silver in the United States. The dataset is claimed to contain 3.5 million records with a “Leak Date” of 2025.
Brinztech Analysis:
- The Target: APMEX is a high-value target. It serves a demographic of investors who often hold physical assets (gold/silver bullion) at their homes or in private storage.
- The Data: The leak reportedly includes:
  - Full PII: Names, Addresses, Phone Numbers, Emails, DOB, Gender.
  - Transactional History: Detailed order logs, “metal rebates” (likely referring to Bullion Club rewards), and “Gold & Silver Club” membership status.
- The Credibility: The specific mention of “Gold & Silver Club” (APMEX’s loyalty program tiers) and “metal rebates” adds a layer of credibility to the claim, as these are internal business logic terms specific to APMEX. The “Leak Date: 2025” suggests this is a fresh or ongoing exfiltration.
- Physical Risk: Unlike a standard crypto exchange breach, an APMEX breach exposes the physical delivery addresses of high-net-worth individuals known to purchase tangible, untraceable assets. This creates a unique risk of home invasion or burglary (“$5 wrench attack”).
Key Cybersecurity Insights
This alleged data breach presents a critical threat to the physical and financial safety of investors:
- High-Value Target Exposure: The leaked data exposes detailed profiles of high-net-worth individuals. “Gold & Silver Club” members are, by definition, frequent or high-volume buyers. This list serves as a “treasure map” for physical thieves and sophisticated scammers.
- Comprehensive PII & Transactional Data: The combination of identity data with purchase history allows for highly credible spear-phishing. Attackers can impersonate APMEX support, referencing real recent orders or “rebate” issues to steal payment details or account credentials.
- Ambiguous Leak Date: The “Leak Date: 2025” is unusual; it likely signifies the data is current to this year, implying the breach is either recent or the actor has maintained long-term access to the customer database.
- Risk of Account Takeover: With full PII and order history, attackers can easily bypass knowledge-based authentication (KBA) questions to take over accounts and redirect future bullion shipments.
Mitigation Strategies
In response to this claim, APMEX customers and the company must take immediate action:
- Physical Security Awareness: Customers should be vigilant regarding the security of their delivery addresses. If you store bullion at home, consider moving it to a secure vault or bank deposit box. Be wary of unsolicited deliveries or “verification” visits.
- Enhanced Anti-Phishing: APMEX should proactively notify customers to be skeptical of any communication regarding “rebates,” “membership upgrades,” or “order holds.” Verify all claims by logging into the official site directly.
- Account Security: Enforce Multi-Factor Authentication (MFA) on all customer accounts immediately. Users should change their passwords, especially if reused from other sites.
- Data Minimization Audit: APMEX should conduct an audit to determine whether historical transaction data needs to be accessible in the “hot” web database. Archiving old order details can reduce the impact of a live database breach.
Questions or Feedback? For expert advice, use our ‘Ask an Analyst’ feature. Brinztech does not warrant the validity of external claims. For general inquiries or to report this post, please email us: contact@brinztech.com