Chinese global shopping platform PandaBuy suffered a cyber attack in which sensitive data of more than a million users was stolen.
The authenticity of the data was confirmed and platform users were urged to reset their passwords immediately.
Earlier this week, a hacker going by the alias “Sanggiero” announced on a dark web forum that they, along with popular leaker “IntelBroker,” had broken into PandaBuy by exploiting multiple flaws in the API.
Ignore the problem
“The data was stolen by exploiting several critical vulnerabilities in the platform’s API and other bugs were identified that allowed access to the website’s internal service,” the hacker said. “The data includes more than 3 million unique user IDs, first name, last name, phone numbers, emails, login IP, orders_data, orders_id, home address, zip code, country, etc.”
Although the hackers claim to have stolen data from more than three million people, the actual number is less than half that. As reported by BleepingComputer, the founder of HaveIBeenPwned? website, Troy Hunt, took the database and initiated a password reset request for all emails found within it. At least 1.3 million email addresses have been returned as valid and from PandaBuy.
So the exact number of compromised accounts is 1,348,407, they said.
If you’re concerned about your data being stolen, check out HaveIBeenPwned? and check if your address has been compromised. In that case, resetting the password would also be wise.
PandaBuy has not officially addressed the problem. BleepingComputer found that company representatives in a Discord channel said this was an older incident that had already been fixed. Others claim, according to the publication, that the company is trying to sweep the whole thing under the rug by censoring user posts on Discord and Reddit.
PandaBuy is a retail platform where international users can purchase products from Chinese e-commerce platforms such as JD.com. The database could be purchased for a ‘symbolic’ payment in cryptocurrency.