The now-defunct WeLeakInfo information breach website has suffered its personal information breach after a risk actor leaked the service’s fee data and buyer information.
WeLeakInfo was an internet site that supplied paid subscriptions for searchable entry to a database containing 12.5 billion consumer information stolen throughout information breaches. This information included electronic mail addresses, names, telephone numbers, addresses, and in lots of circumstances, passwords.
Risk actors generally used the positioning to conduct phishing campaigns, credential stuffing assaults, and probably acquire entry to company networks.
In January 2020, a world legislation enforcement operation together with the FBI, UK NCA, the Netherlands Nationwide Police Corps, the German Bundeskriminalamt, and the Police Service of Northern Eire, allowed the FBI to grab the WeLeakInfo area – successfully shutting down the positioning’s operation.
Information breach vendor suffers an information breach
Final Thursday, a risk actor launched an archive of fee processing information utilized by WeLeakInfo when processing funds by means of Stripe.
The information was revealed on a preferred hacking discussion board often called RaidForums, the place different risk actors may obtain WeLeakInfo information by paying eight credit, a type of forex used on the discussion board, which is the same as about $2.54.
One of many hacking discussion board directors posted that they discovered their information listed within the dump from once they used the service.
The poster states they gained entry to the WeLeakInfo fee processing information after the FBI allowed the ‘wli.design’ area to run out. WeLeakInfo allegedly used this area for payment-related emails from Stripe.
“The stripe account was taken over as a result of FBI not securing the entire domains that WeLeakInfo owned, and consequently “wli.design” expired, the area utilized by them for payment-related emails.”
“I used to be capable of register this area after which reset the password on their stripe account, giving me full entry to all buyer data for those who paid by way of stripe,” the risk actor defined in a submit leaking the WeLeakInfo information.
Final weekend, cybersecurity intelligence agency Cyble shared samples of the stolen information with BleepingComputer and mentioned there are roughly 10,000 distinctive clients listed within the information leak.
The leaked information contains screenshots from the Stripe WeLeakInfo account and spreadsheets containing invoices, profitable funds, buyer lists, and extra.
The spreadsheets comprise private and company information, reminiscent of electronic mail addresses, names, billing addresses, final 4 digits and expiration dates of bank cards, IP addresses, order historical past, IP addresses, and telephone numbers.
The screenshots within the information leak additionally point out that WeLeakInfo had near 24,000 funds and a NET gross sales quantity of £92,000 since January 1st, 2019.
Along with non-corporate customers, the leaked information additionally included companies that used the service.
Most of those companies are safety firms that had been probably utilizing the info as a part of proactive warning providers for his or her clients to warn of uncovered credentials and knowledge.