EMWNews.com Breaking News
Scammers are Hacking iPhone & Samsung phones, Stealing Bitcoin Crypto Bank Account all your money What are you doing to stop them?
Leaked data goldmine for scammers, are past masters at reusing personal info in follow-on phishing and identity fraud attempts | EMWNews.com

300K Leaked Data Goldmine for Scammers Amazon & Shopify

Posted by: Jerry Cruz in Data Breach & Crypto December 4, 2021

Security researchers have found a misconfigured cloud-hosted database leaking over 300,000 records, including sensitive personal information on e-commerce buyers.

A team at Safety Detectives found the leaky Elasticsearch database on July 25 this year but claimed the content had been exposed without any password protection or encryption since November 2020.

Its efforts to close the leak have so far proven unsuccessful, after hosting firm Alibaba did not reply to the team’s outreach, and the identity of the database owner remains a mystery.

All Safety Detectives has been able to ascertain from the 500MB data leak is that the owner is a Chinese ERP provider serving businesses that sell goods on platforms like Amazon and Shopify.

Around half of the 329,000 exposed records contained buyers’ names, phone numbers, email, billing, and delivery addresses, according to the report. In some cases, seller names, email addresses, and billing information were also leaked.

German, French, and Danish e-commerce customers featured among the haul, with as many as 150,000 potentially exposed, the report claimed.

The leaked data would be a goldmine for scammers, who are past masters at reusing personal information in follow-on phishing and identity fraud attempts designed to elicit more sensitive financial info.

“Home addresses are available on the database too. This makes home invasion/burglary a real possibility if personally identifiable information (PII) is sold on to other criminals. Thieves may target users who make high-value orders in the hope the victim’s house is full of expensive goods,” the report claimed.

“Theft of ordered goods is another risk associated with leaked order details. Tracking links, shipment times, courier information, delivery addresses, and order information provide criminals with enough data to intercept and steal a user’s ordered goods.”

If the database owner is finally tracked down, they could face investigation from regulators of both the GDPR and China’s new equivalent legislation, the Personal Information Protection Law (PIPL).

Private Secure Insured Protect Your Crypto & Assets If your Identity & Phone isn't SAFE Secure do it NOW efani Crypto SIM Swap Scam Hack Protect Your iPhone Samsung & Cell Phone Private Secure Calls

Tagged with:

Scammers are Hacking iPhone & Samsung phones, Stealing Bitcoin Crypto Bank Account all your money What are you doing to stop them?

Copyright ©2015 - 2024 by EMWNews.com | All Rights Reserved

By using this site you agree to the Terms of Service, Privacy Policy, and Cookie Policy.

Press Release data provided by EMWPressWire and Partners and subject to terms of use. Most Secure Mobile Service is provided by efani. Market news headlines are provided by EMWPressWire and Partners. All quotes are in US EST and subject to 15-minute delays. Real-time last sale data for U.S. stock quotes reflect trades reported through NASDAQ only.