Ransomware

PandaBuy Data Breach: 1.3M Users’ Info Allegedly Exposed

The , reportedly orchestrated by two popular hackers, exploited vulnerabilities within PandaBuy's systems, including critical flaws in its API.

by Ashish Khaitan April 2, 2024 in Data Breach News, Firewall Daily, Hacker Claims Reading Time: 3 mins read 0

601 SHARES 3.3k VIEWS Share on LinkedInShare on Twitter

The popular online shopping platform PandaBuy allegedly fell victim to a massive data breach, leaving over 1.3 million users affected. The was posted on a forum in collaboration with two threat actors — and .

The two hackers exploited vulnerabilities within PandaBuy's systems, including critical flaws in its API. These weaknesses granted unauthorized access to sensitive user data, including user IDs, names, contact details, login IP addresses, and order histories.

Alleged PandaBuy Data Breach Claims on Dark Web

Source: Dark Web

PandaBuy, renowned for enabling overseas consumers to purchase products from Chinese e-commerce giants like Tmall, Taobao, and JD.com, has not confirmed the data breach. Howeer, Microsoft Regional Director, Troy Hunt confirmed that the leaked data “did indeed come from Pandabuy”.

Hunt also revealed that the sample data provided by the hackers had “made-up email addresses” that were not part of the original leak, which proves that the threat actors' claim of the “3 million” was an exaggeration and the leaked data was limited to 1.3 Million accounts. 

Source: Troy Hunt on X

The PandaBuy data breach came to light when ‘Sanggiero' posted about the incident on March 31, 2024, announcing the leaked download of the PandaBuy database on a hacking forum.

The threat actor post reads, In April 2024, almost 3M+ rows of data from the store company Pandabuy was posted to a popular hacking forum. The data was stolen by exploiting several critical vulnerabilities in the platform's API and other bugs were identified allowing access to the internal service of the website.”

Decoding the Sample Data

Along with the post for the PandaBuy data breach, the threat actor Sanggiero, shared a string of sample data while conversing with other forum members. The Cyber Express analyzed this sample data and found a structured dataset of order inquiries from the PandaBuy platform. 

Each line within the dataset represents a customer inquiry regarding their orders, providing insights into various aspects such as order cancellations, size adjustments, shipping updates, refunds, and order status queries.

The Cyber Express has reached out to the e-commerce organization to learn more about this PandaBuy data breach. However, at the time of writing this, no official statement or response has been received, leaving the claims for the PandaBuy data leak unconfirmed.

The Involvement of IntelBroker 

The likelihood of this PandaBuy data breach being true is because IntelBroker, a solo hacker, is also involved in the incident. For its records, IntelBroker has claimed many cyberattacks and a majority of them have been proven true.

Moreover, in an exclusive interview with the hacker, TCE found out the hacker had been working alone and had claimed data breaches on organizations like Los Angeles Airport. Discussing his modus operandi with TCE, IntelBroker discussed his hacking journey, dispelled misconceptions, and addressed involvement with CyberNiggers. 

The hacker highlighted breaches that deserved more attention and shared insights into the deep dark web and data breaches. The hacker advocates transparency in handling cybersecurity incidents and admires Sanggiero from BreachForums for their contributions.

As for the PandaBuy data breach, this is an ongoing story and The Cyber Express will be closely monitoring the situation. We'll update this post once we have more information on the alleged Pandabuy data breach or any official confirmation from the organization. 

Source

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button