A threat actor claimed they have and are selling data of two different U.S. local authorities in a dark web forum.

The first one is U.S. local authority in Durango (durangoco.gov). The threat actor has claimed that another threat actor breached via a vulnerability in the website of the local authority three months ago, and they just started publishing data yesterday (Oct. 20). The data allegedly contains names, user email, phone number, business email, business address, and more.

The other incident is from the same threat actor again, the threat actor claimed a data leakage of U.S. local authority in Louisiana (doa.la.gov or louisiana.gov). Likewise, the threat actor claimed that the database exploited by another threat actor. The data allegedly contains same information like Durango local authority.