Data Breach Overview
On September 29, 2025, Pharmacie.ma, a Moroccan online portal for pharmacy professionals and the general public, suffered a data breach. The breach, attributed to the threat actor @KaruHunters and shared on DarkForums.st, exposed personal and professional data of 41,772 users.

Where Was the Data Found?
The compromised data was leaked on DarkForums.st, a known cybercrime forum. The leaked dataset appears to be a full SQL export containing user profile information, including:

• Full names

• Emails and hashed passwords

• Phone and mobile numbers

• Professional roles (e.g., pharmacist, student)

• Pharmacy names and addresses

• Birthdates and country

• Newsletter subscription status

• Activation and password reset keys

• Account status (active/inactive)

Sample records confirm the presence of highly identifiable personal and professional data, including full contact details and occupational history.

A Screenshot of the data can be found below:

Company Data Breach History
There are no publicly known previous data breaches associated with Pharmacie.ma before this incident.

Impact and Risks
The exposed data can be exploited for various malicious purposes, including:

• Phishing attacks targeting pharmacists and medical professionals

• Identity theft using detailed personal and birthdate data

• Account takeover attempts, especially if reused passwords are involved

• Business impersonation or fraud, using professional details like pharmacy name and address

Recommendations for Users

If you have an account with Pharmacie.ma:

• Change your password immediately, especially if reused on other platforms

• Enable two-factor authentication (2FA) wherever possible

• Be vigilant of phishing emails or suspicious calls requesting personal info

• Monitor financial and professional accounts for unusual activity

• Avoid using the same password across multiple sites

What is InsecureWeb?

InsecureWeb is a Dark Web monitoring service that keeps track of recent data breaches and tracks their impact by monitoring the darkest places of the internet.

Our commitment lies in providing top-notch cybersecurity services to our clients. Through continuous monitoring of the dark web and advanced threat detection methodologies, we strive to identify potential breaches promptly, enabling swift response and mitigation efforts. With our state-of-the-art tools and expertise, we prioritize the confidentiality, integrity, and availability of our clients’ data.