On September 2nd, the Iranian Taxi Service Tapsi was targeted by a malicious attack, exposing the personal information of 27 million passengers and 6 million drivers, which in total make up a third of the country's population<p>These details include Internal User ID, First and last names, phone numbers, home cities, and email addresses, and device information<p>Over 136 million trips with exact trip start and destination which user's home addresses can be extracted from<p>Tapsi's Internal codebases and source code have also been leaked<p>A sample of the breach has been published in a Telegram channel<p>The breach is being sold for $35k