A data breach allegedly occurred on Sunday at Pandabuy, an online store that aggregates items from Chinese e-commerce sites. As a result, 1,348,307 accounts were affected. A large amount of information has been leaked, including user IDs, first and last names, phone numbers, emails, login IP addresses, full addresses, and order information.
Sanggiero and IntelBroker both exploited multiple vulnerabilities to breach the company's systems, allegedly leading to the leakage of the company's data.
People throughout the world can use Pandabuy’s marketplace to access products from Chinese online marketplaces, such as JD.com, Tmall, and Taobao.
Approximately 1.3 million PandaBuy customers' data has been accessed after two threat actors exploited multiple vulnerabilities to gain access to PandaBuy's system, according to PandaBuy's website. In addition to allowing international customers to purchase goods from a variety of Chinese e-commerce platforms, including Tmall, Taobao, and JD.com, PandaBuy is offering international users to purchase products from different e-commerce platforms.
There was a breach at PandaBuy yesterday claimed by an individual known as 'Sanggiero', allegedly performed by 'IntelBoker' in conjunction with the threat actor 'Sanggiero'. The breach, according to Sanggiero, was possible as a result of exploiting critical API vulnerabilities, which allowed unauthorized access to internal platform services.
It has been found that over 3 million unique user IDs are now available on underground forums. These data include personal information such as names, phone numbers, e-mail addresses, and even more.
For interested parties to obtain this information, they will need to pay a nominal fee in cryptocurrency, further aggravated by the breach itself.
PandaBuy has reported that 1,348,407 PandaBuy accounts are being compromised, according to data breach aggregation service Have I Been Pwned (HIBP), which confirmed the breach. Furthermore, Sanggiero has provided a sample of leaked data containing email addresses, customer names, transaction information, and order details as well as a sample of the leaked data to verify the authenticity of it.
A password reset request that Troy Hunt, the creator of HIBP, submitted by PandaBuy users confirmed the breach, confirming that at least 1.3 million email addresses were indeed linked to PandaBuy accounts. In any case, the initial claim of three million entries made by the threat actors appears inflated, with some entries being manufactured or duplicates.
There are several forums where PandaBuy shoppers' information was leaked, and any registered members can obtain it by paying a symbolic payment of cryptocurrency in exchange for the data.
The PandaBuy company has not yet acknowledged an incident of this nature, but one of its administrators on the firm's Discord channel pointed out that the incident was a result of old information, which was already dealt with.
As a precautionary measure, PandaBuy users have been urged to reset their passwords immediately and to be vigilant against scam attempts. Consequently, PandaBuy customers are facing a significant security threat since their customer data was leaked on underground forums.
During the test period, threat actors provided a sample dataset containing email addresses, customer names, order details, and payment information as a means of verifying the authenticity of the breach.
Troy Hunt's validation of the leaked email addresses further corroborated the breach's legitimacy, emphasizing the urgency of corrective action required for it. The PandaBuy users who have been affected by the breach should act immediately to mitigate the risks. Resetting their passwords will help protect their accounts from unauthorized access in the future.
It is also important to be vigilant against potential scams and to be very sceptical when receiving unsolicited communications. In addition to timely notifications, Have I Been Pwned integrations with data breach aggregation services ensure users can take proactive measures to protect their online security when data exposure occurs? It is essential that companies, particularly those that handle large amounts of consumer data, prioritize the security of their platforms to prevent such incidents.
Consumers should remain vigilant and adopt best practices in terms of digital security to keep themselves safe, including strong, unique passwords, and be wary of phishing attempts that may try to steal personal information.