Sacara Cosmetics Company Allegedly Sold 692k User Data Records
Category

Threat Actor: Unknown | unknown
Victim: SACARA Cosmetics Company | SACARA Cosmetics Company
Price: One-time sale in Monero (XMR)
Exfiltrated Data Type: Sensitive customer information

Key Points :

  • The breach allegedly occurred in 2024.
  • The dataset contains 692,244 rows of user information.
  • Compromised data includes club membership numbers, ID card information, addresses, phone numbers, and dates of birth.
  • The threat actor is selling the data exclusively for cryptocurrency payments.
  • Interested buyers must submit offers through private messages on the dark web forum.

In a post on a dark web forum, a threat actor has claimed responsibility for breaching SACARA, one of Israel’s fastest-growing cosmetics companies. The company, which operates 69 stores across the country, is known for offering affordable, high-quality products.

The breach, alleged to have occurred in 2024, is said to involve a massive dataset containing sensitive customer information. According to the threat actor’s post, the compromised data includes personal details such as club membership numbers, ID card information, addresses, phone numbers, and dates of birth. The dataset reportedly holds 692,244 rows of user information.

The threat actor is offering the data for a one-time sale, accepting payments exclusively in the cryptocurrency Monero (XMR). Interested buyers have been invited to submit offers through private messages on the forum.

The post Cosmetics Company SACARA Allegedly Breached 692K Rows of User Data For Sale appeared first on Daily Dark Web.