[{"id":"pst-001","source":"Pastebin (LAB scrape)","discovered_at":"2026-05-01T10:30:00Z","confidence_score":82,"severity":"high","affected_asset":"internal hosts list","evidence":"https://pastebin.com/abcd1234 — internal_hosts.txt: jenkins.internal.keensafeglobalbank.com, vault.internal.keensafeglobalbank.com, kafka01.internal.keensafeglobalbank.com","recommended_action":"File pastebin removal; review what else may have leaked from same source.","mitre_mapping":["T1593.003"],"compliance_mapping":["ISO 27001 A.5.7"]},{"id":"pst-002","source":"ghostbin alt (LAB)","discovered_at":"2026-04-28T08:55:00Z","confidence_score":76,"severity":"medium","affected_asset":"DB schema","evidence":"Public paste with full schema dump of `keensafebank` (users, accounts, cards, transactions).","recommended_action":"File takedown; review DB exposure surface; rotate read-only DB credentials.","mitre_mapping":["T1213"],"compliance_mapping":["GDPR Art.32"]},{"id":"pst-003","source":"0bin clone (LAB)","discovered_at":"2026-04-26T20:11:00Z","confidence_score":60,"severity":"medium","affected_asset":"PCI scope notes","evidence":"Excerpt from pci_scope_notes.pdf (2024 version) including KMS aliases.","recommended_action":"Confirm authenticity; rotate KMS aliases; investigate insider risk.","mitre_mapping":["T1213.002"],"compliance_mapping":["PCI-DSS 3.5"]}]