Snynet Solution Logo
MON - SUN: 10 AM - 6 PM
+60 11 5624 8319

Blog

Criminal data breach site WeLeakInfo just leaked customer payment details

Image Description

Thousands of customers with the now-defunct illegal online service WeLeakInfo have had their details leaked on a popular hacking forum 

A database which contains highly sensitive information on more than 24,000 WeLeakInfo customers in a ZIP archive was discovered online.

As reported by CyberNews, the forum user is now selling highly sensitive information of former WeLeakInfo customers that made their illicit purchases using Stripe. The data available for sale includes their full names, IP addresses, addresses, partial credit card data, transaction dates, Stripe reference numbers and phone numbers for around $2 in virtual forum currency.

Before it was shut down by the FBI in January 2020, WeLeakInfo sold access to stolen information scraped from over 10,000 data breaches. In total, the site contained 12 billion indexed user credentials that included names, usernames, email addresses and passwords for online accounts.

However, customers that made purchases from WeLeakInfo using PayPal or Bitcoin are “all good” according to the forum user as their information is not included in the leak.

WeLeakInfo customer data

The forum user selling the WeLeakInfo archive claims that the FBI may have missed a spot when it seized the site's original domain as there was a separate domain associated with the service that was used to process payments for those who bought stolen data via Stripe.

WeLeakInfo's payment site was not allowed to expire in March of this year and as a result, anyone could have claimed the domain as their own which is exactly what the hacking forum user did. They claim they were able to perform a password reset against the Stripe account that was associated with the two owners of WeLeakInfo and gain access to all of the data from the website. During its time in of operation which lasted for less than a year, the site was able to accumulate a little over £100,000 ($138k) from 24,603 customers. 

Judging from the data samples provided by the forum user, the age of the Stripe account owner is consistent with the information about the arrested owners of WeLeakInfo, according to CyberNews. The information contained in the WeLeakInfo database could be used by law enforcement to arrest those who previously purchased stolen data but it could also be used by other cybercriminals to launch extortion or blackmail attacks.

If you're concerned that your credentials may have leaked online following a data breach, you can always use CyberNews' personal data leak checker to search through its library of over 15bn breached records.

Via CyberNews

Date

16 Mar 2021

Sources


Share


Other Blog

  • Nvidia confirms GeForce event for September 1: it looks like Ampere is on its way

    Nvidia CEO Jensen Huang will showcase the 'biggest breakthroughs in PC gaming since 1999'

    Read More
  • Zoom says remote working is here to stay

    Majority of businesses are now considering a flexible work future

    Read More
  • The RTX 3080 may be back in stock at Best Buy soon – here's how to track it

    The RTX 3080 is the hardest to find GPU, but the restock date for the graphics card may happen within the next 24 hours.

    Read More
  • Cybersecurity is not a one-stop shop

    Hackers are more innovative than ever before and businesses need to stay one step ahead.

    Read More

Find Out More About Us

Want to hire best people for your project? Look no further you came to the right place!

Contact Us