Dark Web News Analysis
Dark web news reports describe a significant data breach involving Lyleoo, a platform described as a “short health circuit.” A threat actor on a hacker forum is selling a database allegedly containing approximately 900,000 user records.
The seller is asking for €800 in cryptocurrency and provides portal access as proof. The compromised data is formatted as a CSV file and includes highly sensitive Personally Identifiable Information (PII): IDs, Full Names, Ages, Dates of Birth, Phone Numbers, Physical Addresses, Postal Codes, Cities, Countries, and Email Addresses. Disturbingly, the advertisement explicitly promotes the data as being “good for scamming,” indicating the attacker’s clear intent to facilitate fraud.
Key Cybersecurity Insights
The explicit marketing of this data for “scamming” purposes, combined with the detailed demographic data (Age, DOB), creates a high-risk environment for affected individuals:
- Targeted Health & Wellness Scams: Because the platform is linked to “health circuits,” attackers can use the age data and the health context to target vulnerable demographics (especially the elderly) with specific scams. Examples include fake offers for medical supplements, “miracle” cures, or fraudulent health insurance renewals that appear to come from a trusted local source.
- “Grandparent” Scams: The availability of Ages and Family Names allows scammers to execute “Grandparent Scams” (distress calls posing as a grandchild in trouble) with greater precision, targeting individuals known to be in older age brackets.
- Identity Theft & KYC Fraud: The combination of Full Name, Date of Birth, and Physical Address provides the “Fullz” needed to bypass Know Your Customer (KYC) checks. Criminals can use this data to open bank accounts or take out loans in the victim’s name.
- Sector-Wide Vulnerability: The threat actor referenced recent incidents involving FFHAND (French Handball Federation) and FFVOLLEY, suggesting a pattern of attacks targeting associations or platforms potentially sharing a common software provider or infrastructure in the French-speaking market.
Mitigation Strategies
To protect personal privacy and prevent targeted fraud, the following strategies are recommended:
- Scam Education: Users must be urgently informed that criminals may contact them by phone or email posing as Lyleoo or health officials. Emphasize that legitimate organizations will not ask for sensitive data via these channels.
- MFA Enforcement: Lyleoo (and any related portals) should enforce Multi-Factor Authentication (MFA) to prevent the compromised emails and passwords from being used for account takeover.
- Credit Monitoring: Given the exposure of DOBs and addresses, affected individuals should monitor their bank statements and credit reports for unauthorized activity.
- Infrastructure Review: If Lyleoo shares IT providers with the other mentioned victims (FFHAND/FFVOLLEY), a wider audit of that third-party vendor is critical to stop the bleeding.
Questions or Feedback?
For expert advice, use our ‘Ask an Analyst’ feature. Brinztech does not warrant the validity of external claims. For general inquiries or to report this post, please email us: contact@brinztech.com