Trésor Public Listed by AuditTeam Ransomware Group
DGCPT (Direction Générale de la Comptabilité Publique et du Trésor) is Senegal's public treasury authority under the Ministry of Finance, responsible for public accounting, government fund management, cash flow, and public debt operations.
On May 10, 2026, Senegal’s public treasury authority DGCPT appeared on the leak site of the ransomware group AuditTeam. The Direction Générale de la Comptabilité Publique et du Trésor, which manages government accounting, cash flow, public debt, and state funds, had internal files exfiltrated during a ransomware attack.
Confirmed Facts from Reporting
Public reporting indicates that AuditTeam listed DGCPT on its dark-web leak portal and began publishing samples of stolen data. The exposed material consists of internal files; the exact volume and full contents remain unclear. No confirmed count of affected individuals has been released, yet any records containing names, addresses, financial details, or government identifiers could expose ordinary Senegalese citizens whose information passed through the treasury system. The listing date of May 10, 2026 marks the moment the incident became public.
Why This Matters for You and Your Family
When a national treasury is breached, the data involved often includes personal information submitted during tax filings, benefit claims, property registrations, or salary payments for public employees. If your records were part of those systems, the stolen files could contain enough detail to open accounts in your name, file fraudulent tax returns, or target you for phishing and identity theft. Your family members—spouses, children, or elderly relatives listed on joint documents—face the same risk. Even if you live outside Senegal, cross-border family ties or dual citizenship can pull your information into government databases that are now compromised.
The Doxxing and Identity-Chain Implications
Ransomware leaks rarely stop at one dataset. A single exposed government file can link an email address to a national ID, home address, phone number, and employer. Attackers then search for the same identifiers on social media, gaming platforms, and data-broker sites. This creates an identity chain that turns a credential leak into full doxxing. Credential leaks like this one cascade into account takeovers on personal email, banking apps, and children’s gaming accounts that reuse the same passwords or security questions. Once the chain begins, it is difficult to stop without deliberate, ongoing effort.
AuditTeam’s Publicly Known Track Record
Public reporting attributes the group’s emergence to 2024. AuditTeam has listed hospitals, local governments, and private companies across several countries. Their typical playbook starts with initial access gained through phishing or exploited remote-desktop services, followed by exfiltration of sensitive files and deployment of ransomware. When victims do not pay, the group publishes samples and eventually large portions of the stolen data on their leak site, applying pressure through public embarrassment and the threat of further leaks. Exact success rates and ransom demands remain opaque, but the pattern of listing state-linked entities like DGCPT fits their publicly observed operations.
What to do
- Run a DoxxScan to map every link between your handles, emails, phone numbers, and real identity, then use the no-subscription cleanup of Warden to break those chains.
- Rotate any password you ever used on Senegalese government portals or related services, and enable 2FA through an authenticator app rather than SMS.
- Enable continuous DoxxScan monitoring across 15.4B+ breach records and 100+ platforms so the next exposure of your data is caught in hours, not months.
- Cover the household—DoxxScan family coverage extends to dependents and children’s gaming accounts that often chain back to the same address or parent email.
- Let remediation specialists handle takedown requests across data brokers and leak sites for you while you focus on securing day-to-day accounts.
The incident shows that even national financial authorities can be hit and that the resulting data can reach criminals within days. A single breach like DGCPT’s can quietly feed months of targeted fraud against ordinary families. DoxxScan by GalaxyWarden delivers continuous monitoring across 15.4B+ breach records and 100+ platforms, AI-powered identity-chain mapping, hands-on remediation by specialists, and household coverage that includes children’s gaming accounts. Starting that process promptly gives you the best chance of limiting damage before the next wave of misuse begins.
Related breaches
seprec.gob.bo Listed by krybit Ransomware Group
SEPREC (Servicio Plurinacional de Registro de Comercio / Plurinational Commercial Registry Service) …
Virginia Historical Society Listed by thegentlemen Ransomware Group
***.org zoominfo.com/c/virginia-historical-society/184942664 is the digital platform for the Virgini…
CSIR Structural Engineering Research Centre Listed by thegentlemen Ransomware Group
***.res.in zoominfo.com/c/csir-structural-engineering-research-centre/372543677 CSIR-Structural Engi…
A breach leaks your credentials. Then hackers chain those credentials to your address, family, phone, and employer using public broker sites. We’re the only tool built around that chain.
⚠ Were you in this breach?
Free email scanner. We check your address against 15.4B+ leaked records in 15 seconds — then show you the $19 cleanup that removes you from the broker sites aggregating leaked data.
Check my email — free →