Dark Web News Analysis
A threat alert has been triggered regarding the alleged leak of a database belonging to Esh7enly (also operating as Excellent Courier Services / ECS), a prominent logistics and courier firm based in Cairo, Egypt. The breach was detected on December 1, 2025, by threat intelligence feeds including HackNotice.
Brinztech Analysis:
- The Target: Esh7enly (esh7enly-ecs.com) is a Cairo-based courier service offering domestic and international shipping, warehousing, and COD (Cash on Delivery) services. They utilize mobile apps (“Ashhanly” / “Esh7enly User”) for customer interactions.
- The Vulnerability (“Smoking Gun”): A review of the company’s own Google Play Store application listings reveals a critical security gap: the developer explicitly states “Data isn’t encrypted” in the Data Safety section. This admission suggests that sensitive customer data transmitted or stored by their mobile ecosystem is likely plaintext, making it an easy target for interception or database extraction.
- The Data: The leaked dataset reportedly includes National IDs (NID), Primary Mobile Numbers, Full Addresses, Client Names, and detailed Shipment/Waybill information. This combination is a “fullz” package for identity fraud in Egypt.
Key Cybersecurity Insights
This alleged data breach presents a specific threat to the Egyptian logistics sector and its customers:
- Unencrypted PII Exposure: The presence of “NID” (National ID) and “Waybill” details allows attackers to launch highly credible “Delivery Scam” (Smishing) attacks. Criminals can send SMS messages citing real tracking numbers and names to demand “customs fees” or “address correction” payments.
- Business Operation Disruption: Exposure of “Product Names” and “Delivery Costs” compromises the commercial privacy of Esh7enly’s B2B clients (merchants). Competitors or criminals could use this intelligence to map supply chains or hijack high-value cargo.
- Regulatory Crisis (Egypt PDPL): This breach falls directly under Egypt’s Personal Data Protection Law (PDPL) No. 151 of 2020.
  - Notification: The law mandates reporting breaches to the Data Protection Center within 72 hours.
  - Penalties: Failure to protect sensitive data (like NIDs) can result in fines ranging from 100,000 to 5 million EGP and potential imprisonment for responsible officers.
- Credibility: The breach report aligns with a broader trend of attacks on Egyptian infrastructure in late 2025, as noted by recent threat intelligence on groups like SideWinder expanding operations in the region.
Mitigation Strategies
In response to this claim, Esh7enly and its customers must take immediate action:
- Immediate Password Reset: Users of the Esh7enly/Ashhanly apps should reset their passwords immediately. If the same password was used for other accounts (e.g., email, banking), change those too.
- PDPL Compliance (Notification): Esh7enly must immediately engage legal counsel to comply with Law 151/2020 reporting requirements to avoid severe sanctions.
- Customer Advisory: Proactively warn customers about fake delivery SMS/WhatsApp messages. Advise them that legitimate couriers will never ask for credit card details via a link in an SMS.
- App Security Overhaul: The company must urgently implement TLS/SSL encryption for data in transit and AES encryption for data at rest. The “no encryption” stance is a critical liability that must be remediated in the next app update.
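One way to apply the at-rest half of this recommendation, shown as an added example (not Esh7enly's or Brinztech's code): field-level AES-256-GCM in Node.js over the data types named in the leak, with each ciphertext bound to its waybill. The column names, the sample record and the in-memory key are assumptions; a real deployment would load the key from a KMS or keystore.

```javascript
const crypto = require('crypto');

// Assumed column names for the sensitive data types named in the report.
const SENSITIVE_FIELDS = ['nid', 'mobile', 'address'];

// Encrypt one value. The waybill number and field name are bound as AAD, so a
// ciphertext copied into another record or column fails authentication.
function encryptField(key, waybill, field, plaintext) {
  const iv = crypto.randomBytes(12); // fresh 96-bit nonce for every encryption
  const cipher = crypto.createCipheriv('aes-256-gcm', key, iv);
  cipher.setAAD(Buffer.from(`${waybill}|${field}`, 'utf8'));
  const ct = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  return Buffer.concat([iv, cipher.getAuthTag(), ct]).toString('base64');
}

// Decrypt one value; throws if the key, AAD, tag or ciphertext do not match.
function decryptField(key, waybill, field, blob) {
  const raw = Buffer.from(blob, 'base64');
  const decipher = crypto.createDecipheriv('aes-256-gcm', key, raw.subarray(0, 12));
  decipher.setAAD(Buffer.from(`${waybill}|${field}`, 'utf8'));
  decipher.setAuthTag(raw.subarray(12, 28)); // 16-byte GCM tag
  const pt = Buffer.concat([decipher.update(raw.subarray(28)), decipher.final()]);
  return pt.toString('utf8');
}

// Apply fn to every sensitive field that is present; other columns pass through.
function mapSensitive(record, fn) {
  const out = { ...record };
  for (const f of SENSITIVE_FIELDS) {
    if (record[f] != null) out[f] = fn(record.waybill, f, String(record[f]));
  }
  return out;
}

const protectRecord = (key, rec) =>
  mapSensitive(rec, (w, f, v) => encryptField(key, w, f, v));
const revealRecord = (key, rec) =>
  mapSensitive(rec, (w, f, v) => decryptField(key, w, f, v));

// Constructed sample record (not real data) and a throwaway demo key.
const demoKey = crypto.randomBytes(32);
const sample = { waybill: 'WB-0001', client: 'Test Client',
  nid: '00000000000000', mobile: '+20-000-000-0000', address: '1 Example St, Cairo' };
console.log(protectRecord(demoKey, sample));
```

A database dump of records stored this way exposes only waybill numbers and non-sensitive columns unless the key is also compromised, which is why the key must live outside the database.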