Search TorNews

Find cybersecurity news, guides, and research articles

Popular searches:

Home » News » Data Breaches » Hacker Claims to Sell Alleged ExpressSolutionsCuba Customer Database

Hacker Claims to Sell Alleged ExpressSolutionsCuba Customer Database

By:
Last updated:July 11, 2026
Human Written
  • A threat actor claims to be selling customer data allegedly taken from Cuban online shopping platform ExpressSolutionsCuba.

  • The seller reportedly shared a sample of the alleged records, but no one has verified the claims.

  • ExpressSolutionsCuba has not confirmed a data breach or released a public statement at the time of writing.

Hacker Claims to Sell Alleged ExpressSolutionsCuba Customer Database

A threat actor has allegedly put customer data linked to Cuban e-commerce platform ExpressSolutionsCuba up for sale on an underground cybercrime forum.

According to Daily Dark Web Intelligence, the seller claims to have obtained customer information from the online shopping service. The post also says the threat actor shared a sample of the alleged records while advertising the full database to potential buyers.

At the time of writing, no independent party has confirmed the claims. There is also no public evidence showing that ExpressSolutionsCuba has suffered a data breach. ExpressSolutionsCuba serves customers across Cuba through its online shopping and delivery service.

The platform sells products such as groceries, electronics, home items, personal care products, and household appliances. The service also helps Cubans living abroad buy goods online and send them to family and friends on the island. That has made the platform a popular choice for cross-border shopping.

Threat Actor Claims Customer Data is Available for Sale

Daily Dark Web Intelligence reported that the threat actor is offering what they describe as customer-related information from ExpressSolutionsCuba. The post says the seller published a sample of the alleged dataset to support the sale.

The complete records are reportedly being offered through underground channels. Even so, the claims remain unverified. No public report has confirmed that the information came from ExpressSolutionsCuba. The company has also not announced any security incident involving its systems or customer records.

The exact contents of the alleged dataset are still unknown. No details have been released confirming what information may be included. It is also unclear whether the records contain customer names, contact details, account information, or other personal data. Underground forums often feature listings that claim to contain stolen databases. However, not every post turns out to be genuine.

Some threat actors exaggerate the value of their data. Others repost information from older leaks. Some even create fake listings to attract buyers or build a reputation in cybercrime communities.

The same caution applies to other unverified claims; a hacker has alleged the sale of 638,000 federal bank records. For that reason, security researchers usually treat these claims with caution until more evidence becomes available.

A sample of data alone does not prove that a breach happened. Researchers generally look for more evidence before confirming an incident. That may include technical analysis, confirmation from the affected company, or a review of the alleged records. Until then, the reported sale should be treated as an unverified claim.

Company Yet to Confirm Any Security Incident

ExpressSolutionsCuba has not released a public statement about the alleged sale. The company has also not confirmed that attackers accessed its systems or customer information. Without confirmation from the company or independent researchers, there is no proof that customer data has been exposed.

Still, reports like this often receive attention because they can sometimes serve as an early warning. Organizations sometimes discover unauthorized access only after stolen information appears on underground forums or cybercrime marketplaces. For that reason, companies often review these claims carefully, even when they have not yet been verified.

A prompt investigation can help determine whether someone gained unauthorized access to internal systems. It can also help identify any affected accounts before more information becomes public.

Customers Should Stay Alert While Claims Remain Unverified

Although the alleged breach has not been confirmed, customers should remain cautious until more information becomes available. Cybercriminals sometimes use personal information from suspected data leaks to support phishing scams and other online fraud.

Attackers may send emails or text messages that appear to come from trusted businesses. They may also make phone calls to trick people into sharing passwords or other sensitive details.

Customers should be cautious if they receive unexpected messages asking for personal information or account credentials. It is safer to contact the company directly through its official support channels before responding to any unusual request.

Organizations that operate online shopping services should also review their systems after claims like these appear. They can examine account activity, review login records, monitor administrator accounts, and look for signs of unauthorized access.

Early investigations can help reduce the impact of a security incident if one is later confirmed. For now, the reported sale involving ExpressSolutionsCuba remains an allegation posted on an underground forum.

Neither the company nor independent security researchers have confirmed that the advertised dataset is authentic. Until new evidence becomes available, there is no verified proof that customer information from ExpressSolutionsCuba has been compromised.

As investigations continue, more details may emerge about the reported listing. Until then, the claims should be treated with caution and viewed as unverified.

Share this article

About the Author

Joahn G

Joahn G

Cyber Threat Journalist

Joahn is a cyber threat journalist dedicated to tracking the evolving landscape of digital risks. His reporting focuses on ransomware gangs, data breach incidents, and state-sponsored cyber operations. By analyzing threat actor motives and tactics, he provides timely intelligence that helps readers understand and anticipate the security challenges of tomorrow.

View all posts by Joahn G >
Comments (0)

No comments.