Global Corporations Hit by Surging Wave of Data Breaches, Data Dumped on Dark Web

Several reports popping up online suggest this week is a busy one for cybercriminals. There have been lots of alleged fresh data breaches surfacing on the dark web, with big names in tech and finance at the top of the list.

The leaks could expose everything from company secrets to your personal shopping details. Let’s break down what’s been found.

Alleged Corporate Source Code and Client Data Exposed

Two major tech companies appear to be in the crosshairs this week. The first is Axtria, a global cloud software and data analytics firm. A threat actor is claiming full responsibility for a breach.

They say they’ve stolen Axtria’s proprietary source code. A review of the shared files suggests it’s a massive haul. It includes internal development repositories for sales platforms and analytics modules.

Even AI-driven product work seems to be part of the leak. Backend infrastructure details like database schemas are also exposed. This isn’t just data; it’s the company’s core intellectual property.

Another target is Salesfloor, a Canadian SaaS company that works with retailers. The ransomware group LAPSUS$ claims they hit Salesfloor and grabbed about 4 terabytes of data — we’re talking source code, SQL databases, and system logs. That’s a lot of sensitive info. But it gets more serious for shoppers.

The data also holds customer PII from Salesfloor’s retail clients. This means names, emails, phone numbers, and CRM IDs. The hacker posted even named specific well-known brands affected.

Financial Data and User Records Up for Sale

Beyond corporate espionage, personal financial data is also on the menu. On one dark web forum, a threat actor is selling a database linked to the popular investment platform Republic. 

The seller claims that the data breach took place in late January and is offering almost 5 million user records for a low price. Allegedly, the data comprises personal information of Republic users, emails, full names, home addresses, and phone numbers inclusive.

In a separate listing, another auction is targeting consumers directly. A seller is offering 1,000 credit cards from multiple regions. The cards are from the US, UK, Europe, and Asia.

This proliferation of stolen data extends beyond finance and retail into highly sensitive sectors, as seen in recent attacks like the ransomware breach at a Columbia medical practice that exposed Social Security numbers of thousands of patients.

The listing claims a 60 percent validity rate for these cards. The sale is positioned like an auction with a starting bid of $1,000. There’s a “buyout” option of $2,000, and anyone who can offer this amount can skip the bidding.

According to the threat actor, the offering will be active till February 28, 2026. This suggests the potential buyers have time to bid to get the stolen financial data.

What’s Next for You?

These posts show the rate at which Cybercriminals are going after both corporate secrets and consumer data. The alleged breaches at Axtria and Salesfloor could hurt their competitive edge and client trust.

For individuals, the Republic and credit card listings are a stark reminder. Criminals can get access to very valuable personal data on the dark web; therefore, you must secure your personal data. In addition, review your personal account statement on a regular basis and watch for fraudulent emails.

Heads up, though – these alleged leaks were only published as posts on dark web posts; the companies involved have yet to confirm publicly that the incidents actually happened. Still, how detailed these claims are raises concerns among customers who patronize these companies.

Cyberattacks rain like water these days, so staying informed is your first line of defence. If you’re a customer of any of these companies, watch out for suspicious emails or texts claiming to offer customer support. Companies generally will contact you personally if your information has been compromised.