Cyber Attack

Alleged Breach of Alyna Exposes 18,000 Users With Passwords, GPS Coordinates, and Booking Data From Kuwaiti Laundry and Cleaning App

DarkWebInformer
Alleged Breach of Alyna Exposes 18,000 Users With Passwords, GPS Coordinates, and Booking Data From Kuwaiti Laundry and Cleaning App
A threat actor known as Sorb claims to be selling the full user database from Alyna, a Kuwait-based laundry and cleaning mobile app, containing 18,000 records. The dataset includes MD5-hashed passwords, GPS coordinates and booking addresses, Kfast tokens, and other PII, and the listing is offered for $300 as a single-buyer exclusive. #Sorb #Alyna #Kuwait #Kfast #MD5

Keypoints

  • Sorb claims to be selling Alyna’s full user database of 18,000 records.
  • The dataset contains 13,500 unique email hashes and 16,000 unique phone numbers alongside full names and dates of birth.
  • Passwords are hashed with MD5, a weak algorithm that is easily crackable.
  • GPS coordinates and booking/street addresses expose users’ physical locations, creating a safety risk.
  • The listing includes Kfast tokens, device and session metadata, and is priced at $300 for a single-buyer exclusive sale.
DarkWebInformer.com Providing intel from some of the darkest places on the Dark Web & Clearnet. Breaches, Darknet Markets, Ransomware, Threat Alerts, & more!

Read More: https://darkwebinformer.com/alleged-breach-of-alyna-exposes-18-000-users-with-passwords-gps-coordinates-and-booking-data-from-kuwaiti-laundry-and-cleaning-app/