Cyber Incident Victim: iVoy
Date:
Jul 2020
Location:
Mexico
Summary
A Mexican logistics startup experienced a significant data breach compromising over 127,000 user accounts, with exposed information including emails and associated passwords. The compromised credentials were subsequently leaked on a public online forum, potentially exposing affected individuals to credential-based attacks. The incident drew public attention after being disclosed in cybersecurity reporting circles, highlighting risks to customer data within the delivery service sector.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On or around July 28, 2020, Mexican logistics startup iVoy experienced a data breach compromising user account credentials. The incident involved unauthorized exposure of 127,432 user accounts containing email addresses and associated iVoy passwords. These credentials appeared publicly on an online forum, though the specific platform was not disclosed in available reports. The breach announcement surfaced publicly on the same Tuesday it was reported, indicating rapid disclosure of the compromise. No details were provided regarding the duration between initial system intrusion and public exposure, nor were technical specifics about the attack vector or intrusion methods confirmed in source material.
The exposure of authentication credentials created immediate risks of credential stuffing attacks and unauthorized account access for affected users. iVoy faced operational and reputational challenges following the breach disclosure, described as requiring significant response efforts, though specific containment actions or forensic investigations were not detailed in available sources. The incident impacted a substantial portion of iVoy's user base, given the scale of exposed records relative to typical startup customer volumes. No information was confirmed regarding secondary consequences such as financial fraud, ransomware deployment, or system downtime. Public reporting emerged through cybersecurity news outlets rather than official company statements, based on the limited available evidence.