Search This Blog
Powered by Blogger.

Blog Archive

Labels

About Me

Load More
Trendy Right Now

Popular Posts

Showing posts with label Database Leaked. Show all posts
Personal Information
customer data compromise customer data leak customer data privacy Data Breach Data Leak Data Privacy data security Database Leaked Fashion Retailer Personal Information

SABO Fashion Brand Exposes 3.5 Million Customer Records in Major Data Leak

 

Australian fashion retailer SABO recently faced a significant data breach that exposed sensitive personal information of millions of customers. The incident came to light when cybersecurity researcher Jeremiah Fowler discovered an unsecured database containing over 3.5 million PDF documents, totaling 292 GB in size. The database, which had no password protection or encryption, was publicly accessible online to anyone who knew where to look. 

The leaked records included a vast amount of personally identifiable information (PII), such as names, physical addresses, phone numbers, email addresses, and other order-related data of both retail and business clients. According to Fowler, the actual number of affected individuals could be substantially higher than the number of files. He observed that a single PDF file sometimes contained details from up to 50 separate orders, suggesting that the total number of exposed customer profiles might exceed 3.5 million. 

The information was derived from SABO’s internal document management system used for handling sales, returns, and shipping data—both within Australia and internationally. The files dated back to 2015 and stretched through to 2025, indicating a mix of outdated and still-relevant information that could pose risks if misused. Upon discovering the open database, Fowler immediately notified the company. SABO responded by securing the exposed data within a few hours. 

However, the brand did not reply to the researcher’s inquiries, leaving critical questions unanswered—such as how long the data remained vulnerable, who was responsible for managing the server, and whether malicious actors accessed the database before it was locked. SABO, known for its stylish collections of clothing, swimwear, footwear, and formalwear, operates three physical stores in Australia and also ships products globally through its online platform. 

In 2024, the brand reported annual revenue of approximately $18 million, underscoring its scale and reach in the retail space. While SABO has taken action to secure the exposed data, the breach underscores ongoing challenges in cybersecurity, especially among mid-sized e-commerce businesses. Data left unprotected on the internet can be quickly exploited, and even short windows of exposure can have lasting consequences for customers. 

The lack of transparency following the discovery only adds to growing concerns about how companies handle consumer data and whether they are adequately prepared to respond to digital threats.
Read more »
protecting sensitive data
Data Breach Data Sale data security Data Stolen Data Theft Database Leaked Database Security Infostealer Personal Data Personal Information protecting sensitive data

Startup Sells Stolen Personal Data Online for $50, Raising Alarms Over Privacy and Ethics

 

A new controversy is brewing over a U.S.-based startup accused of making stolen personal data widely accessible—for as little as $50. Farnsworth Intelligence, founded by 23-year-old Aidan Raney, is openly marketing a product called “Infostealers,” which allows customers to search a massive database of sensitive information, including passwords, browser autofill data, and private account credentials. 

According to investigative reporting by 404 Media, this information isn’t simply scraped from public directories or legally collected sources. Instead, it appears to come directly from major data breaches—information illegally obtained from hacked websites and platforms. Users can buy access through the company’s online portal, Infostealers.info, raising serious questions about the legality and ethics of such transactions. 

While services like people-search websites have long existed, Farnsworth’s platform seems to go far beyond what’s commonly available. Some of the information for sale includes usernames, passwords, browser history, addresses saved in auto-fill fields, and more—data types typically leaked only after breaches. Their advanced offering, the Infostealer Data Platform, promises even deeper access. Although not available to everyone, it can be granted upon request for uses like journalism, cybersecurity, private investigations, or law enforcement. The company doesn’t appear to require a court order or warrant for access. 

Farnsworth Intelligence makes bold claims about its reach and capabilities. Its website boasts about human intelligence operations and even claims to have infiltrated a North Korean laptop farm via social engineering. It promotes use cases like “corporate due diligence,” “background checks,” and “asset searches,” without clearly explaining how it acquires its “trillions” of data points. The lack of transparency, coupled with the open sale of sensitive data, is alarming. 

Experts argue that while security researchers and cybersecurity firms often monitor breach data to help protect users, monetizing it so brazenly is a different matter entirely. As Cooper Quintin from the Electronic Frontier Foundation notes, “It would be illegal and unethical to sell stolen cell phones even if you didn’t steal them yourself, and I don’t see how this is any different.”  

Even more concerning is the potential for abuse. With no real verification or oversight, bad actors—including stalkers or authoritarian agencies—could exploit this platform to target individuals, especially those already at risk. The implications for personal safety, privacy rights, and digital ethics are profound. 

This development underscores how data breaches don’t just disappear—they become weapons for profit in the wrong hands.
Read more »
Employee Data
Australia Australian Businesses Cybersecurity Researchers Data Breach Data Leak data security Database Leaked Database Security Employee Data

Sydney Tools Data Leak Exposes Millions of Customer and Employee Records

 

A major data leak from Sydney Tools, an Australian retailer specializing in power tools, hand tools, and industrial equipment, has potentially exposed the personal information of millions of customers and employees. The breach, discovered by cybersecurity researchers at Cybernews, involved an unprotected Clickhouse database that remained publicly accessible online, allowing unauthorized individuals to view sensitive data.  

According to the report, the database contained more than 5,000 records related to Sydney Tools employees, including both current and former staff. These records included full names, branch locations, salary details, and sales targets. Given that Sydney Tools reportedly employs around 1,000 people, a large portion of the exposed records likely belong to individuals who no longer work for the company. While no banking details were included in the leak, the exposure of employee information still poses a significant security risk. 

Cybercriminals could use these details to craft convincing phishing scams or for identity theft. Beyond employee data, the breach also exposed an even larger volume of customer information. The database reportedly contained over 34 million online purchase records, revealing customer names, email addresses, phone numbers, home addresses, and details of purchased items. The exposure of this information is particularly concerning, as it not only compromises privacy but also increases the risk of targeted scams. 

Customers who purchased expensive tools and equipment may be especially vulnerable to fraud or burglary attempts. Cybernews researchers have expressed serious concerns over the extent of the breach, highlighting that the database includes a mix of personally identifiable information (PII) and financial details. This kind of information is highly valuable to cybercriminals, who can exploit it for various fraudulent activities. The researchers attempted to notify Sydney Tools about the security lapse, urging them to secure the exposed database. 

However, as of their last update, the data reportedly remained accessible, raising further concerns about the company’s response to the issue. This incident underscores the ongoing risks posed by unprotected databases, which continue to be one of the leading causes of data breaches. Companies handling large volumes of customer and employee information must prioritize data security by implementing robust protection measures, such as encryption, multi-factor authentication, and regular security audits. Failing to do so not only puts individuals at risk but also exposes businesses to legal and reputational damage. 

With cybersecurity threats on the rise, organizations must remain vigilant in safeguarding sensitive information. Until Sydney Tools secures the database and provides assurances about how it will handle data protection in the future, customers and employees should remain cautious and monitor their accounts for any suspicious activity.
Read more »
VPN
Data Breach Database Dumped Database Leaked VPN

Data of more than 45 million users of VPN services appeared on the web

Data from 45.5 million users of FreeVPN[.]org and DashVPN[.]io services appeared on the shadow forums. The data was left on an unsecured MongoDB database management system server. Both services belong to the international company ActMobile Networks with headquarters in the USA, only 795.7 thousand records belong to Russia. According to the company's website, more than 75 million people worldwide have used their VPN services.

The database contains user email addresses, encrypted passwords, registration dates, profile updates and last login. The authors of the channel specify that the database stores data from 2017 to 2021.

Information leaks through such services are happening more and more often, previously mobile application data with free VPN GeckoVPN, SuperVPN and ChatVPN appeared on the network, a total of 21 million people were affected.

Before that, in July 2020, the data of more than 20 million users of similar applications UFO VPN, Secure VPN and others were leaked. Experts immediately drew attention to the fact that free mobile VPN services are unsafe, and fraudsters who bought the database can use the data for phishing and hacker attacks.

Experts believe that if a person uses a free service, he should understand that, most likely, he is the product himself. Such companies collect and repeatedly resell information about which sites the user visits, what he is interested in, what purchases he makes. Alexander Dvinskikh, an information security expert at the Krok IT company, is sure that in addition, VPN applications retain information about e-mail and IP addresses of users, which allow identifying directly the owner of this data.

He added that the publicly available information from VPN services can help the special services in investigating cyber incidents in which those who use these services in illegal actions on the Internet were noticed.

Read more »
Russia
Data Breach Database Compromised Database Leaked Moscow Moscow Cyber Security Russia

Hackers put up a database of drivers in Moscow for sale

 The attackers put up for sale a database of drivers in Moscow and the Moscow region on the darknet. The database worth $800 contains 50 million lines with the data of drivers registered in the capital and Moscow region from 2006 to 2019. It was put up for sale on October 19, 2019. Information from 2020 is offered as a bonus for purchase.

The buyer can get the name, date of birth, phone number, VIN code, and car number of the car owner from the database, as well as find out the make of the car, model, and year of registration.

According to the seller, the information was obtained from an insider in the traffic police. Alexei Parfentiev, head of the Serchinform analytics department, also calls the insider's actions the reason for the leak. “It looks more likely also because the requirements of regulators to such structures as the traffic police, in terms of protection from external attacks, are extremely strict,” he said.

However, Andrey Arsentiev, head of analytics and special projects at InfoWatch, noted that the database could have been obtained not through the actions of an insider, but as a result of external influence, for example, through vulnerabilities in system software.

The forum where the database archive was put up for sale specializes in selling databases and organizing information leaks. The main buyers of personal data are businessmen and fraudsters. For example, companies can organize spam mailings or obtain information about competitors, and attackers can use personal data for phishing.

This is not the first time that traffic police databases have been put up for sale. For example, in August 2020, an announcement appeared on one of the hacker forums about the sale of a database with personal data of drivers from Moscow and the region, relevant to December 2019.

“This is not a single leak. This is a systematic (monthly) drain,” said Ashot Oganesyan, founder of DeviceLock.

Read more »
Hackers News
Data Breach Database Leaked Hackers News

Hackers put up for sale the passports of more than 1.3 million Russians

The hackers posted an 809 GB archive with more than 1.3 million scans of passports of Russian citizens, which were stolen as a result of hacking the servers of the cosmetics company Oriflame, on the Cybercriminal Forum RaidForums.

The company's website reports that on July 31 and August 1, it was subjected to a series of cyberattacks, which led to unauthorized access to the company's information systems. At the same time, Oriflame assured that bank account numbers, phone numbers, passwords and commercial transactions of users were not affected by the attack.

The company admits that not only customers from Russia, but also from other CIS countries and Asia were affected. Oriflame has strengthened its cybersecurity measures and is investigating the incident with the participation of law enforcement agencies.

"Probably, the company refused to buy the data from the attackers, so now they are being put into public access," adds Ashot Oganesyan, the founder of the DLBI data leak intelligence service.

It is noted that earlier the seller posted on the Cybercriminal Forum scans of documents of Oriflame clients in Georgia and Kazakhstan and claimed that he has data of the participants of the system from 14 countries in his hands.

Experts speculate that the hackers got it as a result of an attack using vulnerabilities on a corporate site. The leak could have come from a backup copy of the file storage.

A database of 1.3 million copies of passport scans on the black market would cost hundreds of thousands of dollars. Fake documents can be used to take out a microloan, register domains in the .ru zone, SIM cards or wallets of payment systems.

Oriflame leak is not the first among the companies developing network marketing. In 2020, the data of 19 million customers and employees of Avon, including names, phone numbers, dates of birth, e-mail and addresses, became publicly available.

Read more »
Database Leaked
Dark Web Darknet Data Breach Database Leaked

The average price of access to a hacked company in the darknet reached $5,400

Specialists of the Israeli company Kela analyzed more than 1 thousand ads for the sale of initial access to the internal computer networks of hacked organizations published on the darknet from July 2020 to June 2021. The average lot price is about $5.4 thousand.

Kela noted that pricing depends on the revenue of the hacked company: this indicator also determines the nominal value of the ransom that hackers can request. Therefore, access to small firms costs $100-200, and the most expensive lots are thousands of times more.

The highest price tag that the experts met was equal to 12 bitcoins (about $540 thousand at the exchange rate on August 18). That's how much the brokers asked for access to an unnamed Australian company with an annual income of $500 million. The second most expensive access cost 5 bitcoins (about $225 thousand). For this amount, an account was sold in the ConnectWise Control remote desktop access system from the network of one of the American IT companies. Another lot from the top three most expensive accesses was a lot for $100,000, which promised access to the network of some Mexican government agency.

Kela's specialists have compiled a rating of countries, access to companies from which are most often sold on the darknet. The United States led the top by a large margin: 27.9% of ads concern American organizations. France is on the second line with an indicator of 6.1%. Next are the United Kingdom and Australia with shares of 4% each. Canada closed the top five with a result of 3.8%. Then there are Italy (3.5%), Brazil (3.2%), Spain and Germany (2.3% each), the United Arab Emirates (2%).

The researchers noted that Russia and the CIS countries could not enter the top 10, since working with local companies on Russian-language hacker forums is not customary.


Read more »
Hacking News
Data Breach Data Leakage Database Leaked Hackers News Hacking News

Hacker gained access into a major CIS drug marketplace

Part of the database of the forum and its owners is available free of charge, the hackers offered to purchase the rest for 1 bitcoin. Experts hope that the action will allow a series of arrests and deal a major blow to the drug trade.

According to the leaked data, the owner and developer of the forum is a citizen of Latvia Artem Shvedov, one of the former developers is Roman Kukharenko, registered in the Moscow region, and the current administrator is a citizen of Ukraine Alexander Prokhozhenko.

Cybersecurity experts pointed out that in 99% of cases a person, whose name domain and hosting such resources are registered, may not even know about it.

According to Blockchair, a total of 20.57 bitcoins (about $1 million) went through the Legalizer forum's cryptocurrency wallet. At the same time, it is associated with larger wallets. More than 5.3 thousand bitcoin (about $248 million) passed through one of them.

In addition, the email address given by the hacker who hacked Legalizer matches the contact whose user calls himself a Russian-speaking hacker and an information security specialist at the shadow site o3shop.

An analyst of the operational monitoring group Angara Professional Assistance said that usually shadow forums are hacked "because of competition or partner revenge." In his opinion, the attack on Legalizer may be related to the redistribution of the drug market or extortion.

The expert admitted that hacking Legalizer can lead to arrests.

State borders may also become an obstacle for law enforcement agencies. Although the forum is oriented at the Russian-speaking audience from the CIS, it may be physically located on servers hosted in a country where drugs are legal.

Read more »
Subscribe to: Posts (Atom)