A huge trove of account data from 17 companies is for sale since October 28 on a hacker forum.
The seventeen companies are Geekie.com.br (8.1 million), Clip.mx (4.7 million), Wongnai.com (4.3 million), Cermati.com (2.9 million), Everything5pounds.com (2.9 million), Eatigo.com (2.8 million), Katapult.com (2.2 million), Wedmegood.com (1.3 million), RedMart (1.1 million), Coupontools.com (1 million), W3layouts.com (789 thousand), Game24h.vn (779 thousand), Invideo.io (571 thousand), Apps-builder.com (386 thousand), Fantasycruncher.com (227 thousand), Athletico.com.br (162 thousand), Toddycafe.com (129 thousand).
The threat actor told BleepingComputer that it is only acting as a broker, advertising the stolen data and did not hack the seventeen companies. As per the seller, the account databases are the results of data breaches that took place in 2020, and none of the companies has disclosed security breaches before this week.
A spokesman from e-commerce giant Lazada, which owns e-grocer Redmart, confirmed the data breach on Friday (Oct 30) and said that the personal information stolen included names, phone numbers, e-mail, mailing addresses, encrypted passwords and partial credit card numbers. The company is in the process of reaching out to affected customers.
When asked how the hacker gained access to the various sites, the seller stated, "Not sure if he want to disclose." Stolen databases are typically sold first in private sales, like those listed above, with previous ranging from $500, as seen in the Zoosk data breach, to $100,000 for the Wattpad database. After some time, it is common for the stolen databases to be released for free on hacker forums to increase a threat actor's 'street cred.'