Threat Actor: Unknown | unknown
Victim: EnglishCentral | EnglishCentral
Price: Monero (XMR)
Exfiltrated Data Type: Customer information
Key Points :
- Nearly 3.9 million users affected by the breach.
- Data includes names, account IDs, email addresses, registration dates, lesson status, phone numbers, and Skype IDs.
- Additional information includes payment dates, product IDs, lead scores, and country details.
- Threat actor offered to delete the data permanently if contacted by EnglishCentral’s staff.
- Sample of the stolen data was provided in the post on a dark web forum.
A threat actor has recently claimed to have breached the database of EnglishCentral.com, an online language learning platform. The announcement was made on a dark web forum, where the threat actor offered the allegedly stolen data for sale.
The post asserts that the breach affects nearly 3.9 million users, with customer information spanning from 2021 to 2024. The dataset reportedly includes a range of sensitive details, such as names, account IDs, email addresses, registration dates, lesson status, and even phone numbers and Skype IDs. Additional information in the database allegedly comprises payment dates, product IDs, lead scores, and country details.
In the post, the threat actor provided a sample of the stolen data and stated that the sale will be conducted exclusively in Monero (XMR).
The threat actor also issued a message directed at EnglishCentral’s staff, offering to delete the data permanently if contacted.
The post Alleged Data Breach at EnglishCentral: Threat Actor Claims to Sell Customer Information on Dark Web appeared first on Daily Dark Web.