Threat Actor: Sanggiero | Sanggiero
Victim: Tech in Asia | Tech in Asia
Price: Not specified
Exfiltrated Data Type: User IDs, email addresses, roles, first names, last names, display names, registration dates, avatar URLs, and author URLs
Additional Information :
- The breach occurred in June 2024.
- The data was stolen by exploiting critical vulnerabilities in the platform’s API.
- Other bugs were identified, allowing access to internal services of the website.
- The exact nature of these vulnerabilities has not been specified.
- Users of Tech in Asia are advised to update passwords and monitor their accounts for suspicious activity.
- The full extent of the breach and its impact is yet to be determined.
A threat actor, identified as Sanggiero, claims to have breached and leaked the database of Tech in Asia (Techinasia.com).
The alleged database contains approximately 230,000 records, including user IDs, email addresses, roles, first names, last names, display names, registration dates, avatar URLs, and author URLs. According to Sanggiero, the breach occurred in June 2024.
The threat actor asserts that the data was stolen by exploiting several critical vulnerabilities in the platform’s API. Additionally, other bugs were identified, allowing access to internal services of the website. Sanggiero has not specified the exact nature of these vulnerabilities but claims they were significant enough to compromise the entire user database.
Users of Tech in Asia are advised to remain vigilant and take necessary precautions, such as updating passwords and monitoring their accounts for any suspicious activity. The full extent of the breach and its potential impact on users and the platform itself is yet to be fully determined.
Original Source: https://dailydarkweb.net/threat-actor-claims-to-leak-tech-in-asia-database-with-230000-user-records/