Back to Blog
high severity May 10, 2026 · scope unconfirmed

Trésor Public Listed by AuditTeam Ransomware Group

DGCPT (Direction Générale de la Comptabilité Publique et du Trésor) is Senegal's public treasury authority under the Ministry of Finance, responsible for public accounting, government fund management, cash flow, and public debt operations.

⚠ Were you affected?
Free email scanner — we check your address against 15.4B+ leaked records in 15 seconds.
Run free scan →
Severity High
Disclosed May 10, 2026
Affected Unconfirmed
Data exposed Internal files exfiltrated in ransomware attack

On May 10, 2026, Senegal’s public treasury authority DGCPT appeared on the leak site of the ransomware group AuditTeam. The Direction Générale de la Comptabilité Publique et du Trésor, which manages government accounting, cash flow, public debt, and state funds, had internal files exfiltrated during a ransomware attack.

Confirmed Facts from Reporting

Public reporting indicates that AuditTeam listed DGCPT on its dark-web leak portal and began publishing samples of stolen data. The exposed material consists of internal files; the exact volume and full contents remain unclear. No confirmed count of affected individuals has been released, yet any records containing names, addresses, financial details, or government identifiers could expose ordinary Senegalese citizens whose information passed through the treasury system. The listing date of May 10, 2026 marks the moment the incident became public.

Why This Matters for You and Your Family

When a national treasury is breached, the data involved often includes personal information submitted during tax filings, benefit claims, property registrations, or salary payments for public employees. If your records were part of those systems, the stolen files could contain enough detail to open accounts in your name, file fraudulent tax returns, or target you for phishing and identity theft. Your family members—spouses, children, or elderly relatives listed on joint documents—face the same risk. Even if you live outside Senegal, cross-border family ties or dual citizenship can pull your information into government databases that are now compromised.

The Doxxing and Identity-Chain Implications

Ransomware leaks rarely stop at one dataset. A single exposed government file can link an email address to a national ID, home address, phone number, and employer. Attackers then search for the same identifiers on social media, gaming platforms, and data-broker sites. This creates an identity chain that turns a credential leak into full doxxing. Credential leaks like this one cascade into account takeovers on personal email, banking apps, and children’s gaming accounts that reuse the same passwords or security questions. Once the chain begins, it is difficult to stop without deliberate, ongoing effort.

AuditTeam’s Publicly Known Track Record

Public reporting attributes the group’s emergence to 2024. AuditTeam has listed hospitals, local governments, and private companies across several countries. Their typical playbook starts with initial access gained through phishing or exploited remote-desktop services, followed by exfiltration of sensitive files and deployment of ransomware. When victims do not pay, the group publishes samples and eventually large portions of the stolen data on their leak site, applying pressure through public embarrassment and the threat of further leaks. Exact success rates and ransom demands remain opaque, but the pattern of listing state-linked entities like DGCPT fits their publicly observed operations.

What to do

  • Run a DoxxScan to map every link between your handles, emails, phone numbers, and real identity, then use the no-subscription cleanup of Warden to break those chains.
  • Rotate any password you ever used on Senegalese government portals or related services, and enable 2FA through an authenticator app rather than SMS.
  • Enable continuous DoxxScan monitoring across 15.4B+ breach records and 100+ platforms so the next exposure of your data is caught in hours, not months.
  • Cover the household—DoxxScan family coverage extends to dependents and children’s gaming accounts that often chain back to the same address or parent email.
  • Let remediation specialists handle takedown requests across data brokers and leak sites for you while you focus on securing day-to-day accounts.

The incident shows that even national financial authorities can be hit and that the resulting data can reach criminals within days. A single breach like DGCPT’s can quietly feed months of targeted fraud against ordinary families. DoxxScan by GalaxyWarden delivers continuous monitoring across 15.4B+ breach records and 100+ platforms, AI-powered identity-chain mapping, hands-on remediation by specialists, and household coverage that includes children’s gaming accounts. Starting that process promptly gives you the best chance of limiting damage before the next wave of misuse begins.

Share this Post on X Reddit Email
Why this isn’t just another breach checker

A breach leaks your credentials. Then hackers chain those credentials to your address, family, phone, and employer using public broker sites. We’re the only tool built around that chain.

Free checker Tells you the breach happened. End of story. You’re still on 800+ broker sites.
$129+/yr Broker-removal services scrub the address but don’t see the breach — next leak re-exposes you.
GalaxyWarden Maps the chain. Cleans both halves. $19 one-shot. Closed loop.

⚠ Were you in this breach?

Free email scanner. We check your address against 15.4B+ leaked records in 15 seconds — then show you the $19 cleanup that removes you from the broker sites aggregating leaked data.

Check my email — free →
Close the chain attack

Both halves of the chain, cleaned once.

A breach put your credentials in 15.4B+ leaked records. Hackers chain that data to your address on 800+ broker sites. GalaxyWarden closes both halves for $19 once — no subscription required.

Clean both halves — $19 →
Free breach scan + 800+ broker letters + 30-day proof · one payment, no subscription
W Warden Plus — ongoing monitoring $9.99/mo
Warden Plus ($9.99/mo or $99/yr): weekly re-scans, breach alerts, AI Concierge, auto re-files on relisted brokers.