Threat Actor: Unknown | Unknown
Victim: E-commerce Company | E-commerce Company
Price: Not specified
Exfiltrated Data Type: Personal and transaction data
Additional Information:
- The threat actor claims to possess a database from an e-commerce company.
- The compromised database contains personal information of thousands of users and transaction details.
- The database includes 106,711 unique emails and extensive transaction records dating back to around 2010.
- Various tables within the database include comments, emails, files, invoice items, items, messages, meta, options, paypals, posts, promo codes, sessions, transactions, users, visits, and vouchers.
- The sample data shared by the threat actor includes PayPal and other transaction details, as well as customer information such as email addresses, usernames, password hashes, street names, cities, countries, and social media accounts.
A threat actor has emerged, claiming to possess a database from an e-commerce company, exposing the personal information of thousands of users along with transaction details. The alleged database, compromised in 2022, encompasses 106,711 unique emails and extensive transaction records dating back to around 2010. It comprises various tables, including comments, emails, files, invoice items, items, messages, meta, options, paypals, posts, promo codes, sessions, transactions, users, visits, and vouchers. The sample data shared by the threat actor includes PayPal and other transaction details, as well as customer information such as email addresses, usernames, password hashes, street names, cities, countries, and social media accounts.
Original Source: https://dailydarkweb.net/threat-actor-claims-sale-of-e-commerce-companys-database-containing-personal-and-transaction-data/