Threat Actor: Sanggiero | Sanggiero
Victim: Kameymall | Kameymall
Price: Not specified
Exfiltrated Data Type: Various fields including ID, member level ID, username, password, nickname, phone number, email address, status, creation time, icon, gender, birthday, city, occupation, personalized signature, source type, integration details, growth metrics, lucky count, hobbies, historical integration, remarks, country code, province code, end browse notice time, random data, promoter status, third-party payment order status, live streaming status, live recording status, buy visibility status, send visibility status, coin usage status, merchant status, and login information.
Additional Information:
- The data breach occurred in April 2024.
- The breach involved the exploitation of several critical vulnerabilities.
- Approximately 20,000 rows of data were compromised.
- The compromised data includes a wide range of personal and account information.
- The data was posted on a prominent hacking forum.
In April 2024, approximately 20,000 rows of data belonging to the retail company Kameymall were reportedly posted on a prominent hacking forum. The data breach is said to have occurred through the exploitation of several critical vulnerabilities. The compromised data includes various fields such as ID, member level ID, username, password, nickname, phone number, email address, status, creation time, icon, gender, birthday, city, occupation, personalized signature, source type, integration details, growth metrics, lucky count, hobbies, historical integration, remarks, country code, province code, end browse notice time, random data, promoter status, third-party payment order status, live streaming status, live recording status, buy visibility status, send visibility status, coin usage status, merchant status, and login information.
Original Source: https://dailydarkweb.net/sanggiero-allegedly-breaches-kameymall-database-exposing-confidential-user-data/