1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Millions of MyDeal users have data sold online after breach

    From TechnologyDaily@1337:1/100 to All on Tue Oct 18 23:15:03 2022
    Millions of MyDeal users have data sold online after breach

    Date:
    Tue, 18 Oct 2022 22:06:06 +0000

    Description:
    MyDeal customer data stolen and sold for $600 on an underground forum.

    FULL STORY ======================================================================

    Australian retail marketplace MyDeal has confirmed it suffered a data breach that has affected more than two million of its customers.

    The company contacted all affected customers explaining the incident, saying that an unknown attacker compromised its systems and accessed customer identity data.

    According to BleepingComputer , the threat actor managed to obtain the login information for MyDeals Customer Relationship Management ( CRM ) platform,
    and used it to extract sensitive data belonging to around 2.2 million users. MyDeal data sold

    That data included names, email addresses, phone numbers, postal addresses, and, for some, birth dates. For a smaller subset of users (1.2 million), the hackers only managed to obtain email addresses.

    While details on the perpetrators are scarce, what they're doing with the
    data is clear: trying to sell it on an underground forum for $600.

    According to the company, the number of entries in the database, which is still being parsed by the attacker, currently stands at over one million,
    with the number predicted to rise.

    To prove the authenticity of the attack, the attackers posted screenshots of MyDeals Confluence servers, as well as the Single Sign-On (SSO) prompt for
    its account with Amazon Web Services ( AWS ).

    MyDeal also said the attackers did not obtain any payment information, identification documents data, or passwords. Still, it suggests users reset their passwords anyway. Such an attack would not have been prevented even
    with the best password managers .

    MyDeal is an Australian retail marketplace that seeks to connect local retailers with potential shoppers. Read more

    Keep your devices safe with the best malware removal tools right now

    Samsung confirms data breach, personal customer data stolen


    Top data breaches and cyber attacks of 2022

    It was acquired by Woolworths in September 2022, but the supermarket chain claims its systems are on a different platform, and therefore completely safe from the attackers.

    While crooks may not have gotten payment data, or passwords, they still have enough information for identity theft or phishing attacks, so users are urged to remain vigilant. Here's our rundown of the best background check tools right now



    ======================================================================
    Link to news story: https://www.techradar.com/news/over-2-million-mydeal-users-have-had-their-data -sold-online-after-a-breach/


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)