Chinese global shopping platform PandaBuy suffered a cyberattack in which sensitive data on more than a million users was stolen.
The authenticity of the data was confirmed, and platform users are urged to reset their passwords immediately.
Earlier this week, a hacker with the alias “Sanggiero” announced on a dark web forum that they, together with popular leaker “IntelBroker”, broke into PandaBuy by abusing multiple flaws in the API.
Ignoring the problem
“The data was stolen by exploiting several critical vulnerabilities in the platform’s API and other bugs were identified allowing access to the internal service of the website,” the hacker said. “The data contained 3M+ unique UserId, First Name, Last Name, Phone Numbers, Emails, Login IP, Orders_Data, Orders_Id, Home_address, Zip, Country, and so on.”
While the hackers claim to have stolen data on more than three million people, the actual number is not even half of that. As reported by BleepingComputer, Troy Hunt, the founder of the HaveIBeenPwned? website, took the database and initiated a password reset request for all the emails found in there. At least 1.3 million email addresses came back as valid and as coming from PandaBuy.
Hence, the exact number of compromised accounts is 1,348,407, they said.
If you are worried about your data being stolen, head over to HaveIBeenPwned? and check if your address was compromised. In that case, resetting the password would also be wise.
PandaBuy hasn’t officially addressed the issue. BleepingComputer found that company representatives said, in a Discord channel, that this was an older incident that was already remedied. Others, according to the publication, claim the company is trying to sweep the whole thing under the rug by censoring user posts on Discord and Reddit.
PandaBuy is a retail platform where international users can purchase products from Chinese e-commerce platforms such as JD.com. The database can allegedly be purchased for a “symbolic” payment in cryptocurrency.