A network of knockoff apparel stores exposed 330,000 customer credit cards
Reading Time: 2 minutesIf you recently made a purchase from an overseas online store selling knockoff clothes and goods, there’s a chance your credit card number and personal information were exposed.
Since January 6, a database containing hundreds of thousands of unencrypted credit card numbers and corresponding cardholders’ information was spilling onto the open web. At the time it was pulled offline on Tuesday, the database had about 330,000 credit card numbers, cardholder names, and full billing addresses — and rising in real-time as customers placed new orders. The data contained all the information that a criminal would need to make fraudulent transactions and purchases using a cardholder’s information.
The credit card numbers belong to customers who made purchases through a network of near-identical online stores claiming to sell designer goods and apparel. But the stores had the same security problem in common: any time a customer made a purchase, their credit card data and billing information was saved in a database, which was left exposed to the internet without a password. Anyone who knew the IP address of the database could access reams of unencrypted financial data.
But in this case, Sen wasn’t the first person to discover the spilling data. According to a ransom note left behind on the exposed database, someone else had found the spilling data and, instead of trying to identify the owner and responsibly reporting the spill, the unnamed person instead claimed to have taken a copy of the entire database’s contents of credit card data and would return it in exchange for a small sum of cryptocurrency.
Some of these websites include:
-
spraygroundusa.com
-
ihuahebuy.com
-
igoodlinks.com
-
ibuysbuy.com
-
lichengshop.com
-
hzoushop.com
-
goldlyshop.com
-
haohangshop.com
-
twinklebubble.store
-
spendidbuy.com
If you bought something from one of those sites in the past few weeks, you might want to consider your banking card compromised and contact your bank or card provider.
‘When we learned of the incident, we immediately contacted the customer who operates the database and it was shut down immediately. Data privacy and security are top priorities at Tencent. We will continue to work with our customers to ensure they maintain their databases in a safe and secure manner,’ said Carrie Fan, global communications director at Tencent.
Read more:
- New York payments startup exposed millions of credit cards
- MoviePass exposed thousands of unencrypted customer card numbers
- Hackers stole passwords for accessing 140,000 payment terminals
Reference: https://techcrunch.com/2023/01/25/apparel-designer-goods-credit-cards-exposed/
Ref: techcrunch
MediaDownloader.net -> Free Online Video Downloader, Download Any Video From YouTube, VK, Vimeo, Twitter, Twitch, Tumblr, Tiktok, Telegram, TED, Streamable, Soundcloud, Snapchat, Share, Rumble, Reddit, PuhuTV, Pinterest, Periscope, Ok.ru, MxTakatak, Mixcloud, Mashable, LinkedIn, Likee, Kwai, Izlesene, Instagram, Imgur, IMDB, Ifunny, Gaana, Flickr, Febspot, Facebook, ESPN, Douyin, Dailymotion, Buzzfeed, BluTV, Blogger, Bitchute, Bilibili, Bandcamp, Akıllı, 9GAG