Threat Actor: Unknown hacker group
Victim: Pandabuy
Information:
๐ A significant data breach allegedly occurred involving Pandabuy, a store company.
๐ The breach was a result of exploiting multiple critical vulnerabilities within the platform’s API.
๐ Other identified bugs granted access to the website’s internal services.
๐ Approximately 3 million rows of data were posted to a popular hacking forum.
๐ The compromised data includes over 3 million unique user IDs, first names, last names, phone numbers, email addresses, login IPs, order data, order IDs, home addresses, ZIP codes, and country information.
๐ Additional details may have also been accessed.
๐ This breach poses a serious threat to the privacy and security of Pandabuy’s customers.
๐ Immediate action is necessary to mitigate further risks and protect affected individuals.
————————————————–
April 2024, a significant data breach allegedly occurred involving Pandabuy, a store company, where almost 3 million rows of data were posted to a popular hacking forum. The breach was a result of exploiting multiple critical vulnerabilities within the platformโs API, alongside other identified bugs that granted access to the websiteโs internal services. The compromised data includes over 3 million unique user IDs, along with their associated first names, last names, phone numbers, email addresses, login IPs, order data, order IDs, home addresses, ZIP codes, country information, and possibly additional details. This breach represents a serious threat to the privacy and security of Pandabuyโs customers, necessitating immediate action to mitigate further risks and protect affected individuals.
Source: Original Post