HQ/EMEAFind out how we can help your business
In a recent discovery, our iZOOlogic researcher encountered a post lurking on the dark web that offers stolen data from a website called theshopindia.
The post, attributed to a threat actor by the moniker “foxs7,” featured the sale of a purportedly valuable database, valued at approximately 4 million worth of data. This database is particularly alarming as it contains sensitive information belonging to Indian citizens.
Upon encountering this post within a dark web forum, our researcher contacted the seller, eager to collect more details about this offering. Through a series of exchanges, the hacker revealed that the breached website in question dates to 2022.
The hacker acquired the stolen data from an alleged online shopping website called theshopindia.
The name of this compromised platform was unveiled as “theshopindia,” an alleged online shopping destination frequently used by most Indian citizens.
Our researchers’ investigation uncovered a list of confirmed victims after delving deeper into the consequences of this malicious event; among them were reputable entities such as Samsung Home Appliances, the Indian Institute of Engineering Science, and a prominent insurance provider within the nation’s territory.
The nature of the compromised information is a collection of essential details that could benefit the potential buyer of the stolen database. Full names, physical addresses, phone numbers, and dates of birth were among the confirmed details that had fallen into the hands of the hacker.
This information could cause more malicious operations as it offers various details that specifically affect an individual. Other hackers could use information, such as names and phone numbers, to conduct vishing campaigns that could ultimately result in financial loss.
The consequences of this breach extend far beyond the digital realm since it raises uncertainty over the security of personal information in publicly accessible domains. Furthermore, this breach is a reminder of the growing threat posed by cybercriminals, who are always ready to exploit any vulnerability for their own gain.
Therefore, our researchers recommend that potentially affected individuals remain vigilant since other hackers might have acquired the information. On the other hand, organisations should fortify their cyber defences to avoid similar problems.
