The data was stolen from the CityBee car-sharing platform, specifically from a backup database that had been left publicly accessible on a server [1, 5].
Use services like Have I Been Pwned to see if your email address has appeared in "duombaze.rar" or other public breaches. duombaze.rar
Immediately update passwords for any accounts that reused the credentials found in the leak [1]. The data was stolen from the CityBee car-sharing
Activate two-factor authentication on all sensitive accounts (email, banking, social media) to add a layer of protection beyond just a password [5]. personal identification numbers (ID codes)
The leaked archive contained user names, surnames, personal identification numbers (ID codes), email addresses, phone numbers, and hashed passwords [1, 3]. It did not include payment card details [3, 4].