Cyber Threat Actor: tomholland
| Actor Type | Location | Known Incidents |
Criminal
|
—
|
1 incident |
|---|
Profile
The threat actor operating under the alias "tomholland" has been publicly linked to at least one significant data breach affecting a Taiwanese employment services platform. In July 2019, this actor claimed responsibility for compromising a job bank's database and leaking approximately 200,000 user records containing personally identifiable information. The exposed data included names, birthdates, contact details, and physical addresses. Samples of the stolen information were posted on RaidForums, a now-defunct cybercrime forum known for trading breached datasets. While the targeted organization confirmed the incident and initiated an investigation with authorities, the complete scope of impacted users remained unclear during initial reporting stages. This operation demonstrates the actor's engagement in unauthorized data exfiltration and public dissemination of sensitive records through established underground channels.
Available evidence indicates a focus on commercial entities holding substantial volumes of consumer data, with Taiwan representing the sole confirmed geographic target based on documented activities. The compromise of employment sector data aligns with patterns of economically motivated cybercrime, though no explicit financial objectives or ransom demands were disclosed in public reports. Tactical details regarding intrusion methods remain unspecified in source material, with the actor's operational signature limited to post-compromise actions involving forum-based data disclosure. The public claim of responsibility coupled with data samples suggests an intent to establish notoriety within criminal communities. No attributions to state-sponsored groups or formal criminal organizations have been substantiated in open-source reporting related to this alias.
