A network of knock-off apparel stores exposed 330,000 customer credit cards • TechCrunch

If you recently made a purchase at an online store that sells counterfeit clothing and goods from overseas, your credit card number and personal information may have been leaked.

Since January 6th, a database containing hundreds of thousands of unencrypted credit card numbers and corresponding cardholder information has been leaked to the open web. When it went offline on Tuesday, it had about 330,000 credit card numbers, cardholder names and full billing addresses in its database, and grew in real time as customers placed new orders. The data contained all the information criminals needed to use cardholder information to make fraudulent transactions and purchases.

The credit card numbers belong to customers who have made purchases through a network of nearly identical online stores claiming to sell designer goods and apparel. However, these stores had a common security problem. Every time a customer made a purchase, credit card data and billing information was stored in a database and left exposed to the internet without a password. Anyone who knows her IP address in the database can access large amounts of unencrypted financial data.

AnuragsenA conscientious security researcher, Sen has a respectable track record of scanning the internet for exposed servers and inadvertently exposed data and reporting to companies to protect their systems.

In this case, however, Sen was not the first to discover leaked data. A ransom note left on a public database claims that, instead of someone else discovering the leaked data and attempting to identify the owner and report the leak responsibly, an unknown person has stolen the contents of the database. claimed to have obtained a copy of the entirety. It takes credit card data and gives it back in exchange for a small amount of cryptocurrency.

TechCrunch’s review of the data shows that most credit card numbers are owned by US cardholders. Several people we contacted confirmed that the published credit card data was accurate.

TechCrunch has identified multiple online stores whose customer information was exposed by the compromised database. Many of the stores claim to operate outside of Hong Kong. Some stores are designed to sound like big names like Sprayground, but their websites have no identifiable contact information, typos and spelling errors, and a conspicuous lack of customer reviews. doing. Internet records also indicate that these websites have been launched in the past few weeks.

These websites include:

  • spraygroundusa.com
  • ihuahebuy.com
  • igoodlinks.com
  • ibuysbuy.com
  • lichengshop.com
  • hzoushop.com
  • goldlyshop.com
  • haohangshop.com
  • twinklebubble.store
  • spendidbuy.com

If you have purchased anything from one of these sites in the past few weeks, we recommend that you consider your bank card compromised and contact your bank or card provider.

It is not clear who is responsible for this network of counterfeit shops. TechCrunch reached out via WhatsApp to a person whose Singapore-registered phone number was listed as a contact for several online stores. Given that one of the websites listed the location as a Chick-fil-A restaurant in Houston, Texas, it’s not clear if the contact numbers listed relate to the store.

Internet records show that the database was operated by a Tencent customer, who used Tencent’s cloud services to host the database. TechCrunch reported that he contacted Tencent about credit card information being leaked from its customer database, and Tencent was quick to respond. The customer’s database went offline after some time.

“When we learned of the incident, we immediately contacted the customer who operated the database and immediately shut it down. Data privacy and security are Tencent’s top priorities. Carrie Fan, Global Communications Director at Tencent, said. , said:

read more:



Source link

Leave a Reply

Your email address will not be published. Required fields are marked *