Excerpt from Bleeping Computer Article, Published on Apr 01, 2024

 

In a concerning development, the PandaBuy online shopping platform has fallen victim to a significant data breach, impacting over 1.3 million of its customers. The breach, allegedly orchestrated by two threat actors, ‘Sanggiero’ and ‘IntelBoker,’ has exposed sensitive user information due to multiple vulnerabilities exploited within the platform’s systems.

PandaBuy, a platform catering to international users seeking products from various Chinese e-commerce giants like Tmall, Taobao, and JD.com, now finds itself embroiled in a security crisis. According to Sanggiero, the breach was made possible by exploiting critical flaws in the platform’s API, granting unauthorized access to internal services. The stolen data, which includes over 3 million unique user IDs along with personal details such as names, phone numbers, emails, and addresses, has been made available on underground forums. Interested parties can obtain this information for a nominal fee in cryptocurrency, exacerbating the severity of the breach.

Confirmation of the breach comes from data breach aggregation service Have I Been Pwned (HIBP), which reports that 1,348,407 PandaBuy accounts have been compromised. Moreover, to validate the authenticity of the leaked data, Sanggiero has provided a sample containing email addresses, customer names, order details, and transaction histories. Troy Hunt, the creator of HIBP, further confirmed the breach by testing password reset requests, affirming that at least 1.3 million email addresses are indeed linked to PandaBuy accounts. However, it’s noted that the total of “3 million” initially claimed by the threat actors is inflated, with some entries being fabricated or duplicates.

In response to inquiries about the breach, PandaBuy has remained silent, prompting speculation about efforts to conceal the incident. Reports suggest that the company has been censoring user posts on platforms like Discord and Reddit, attempting to downplay the severity of the breach. Amidst growing concerns over data security and user privacy, urgent measures are warranted to address the fallout from the PandaBuy breach. Customers are left vulnerable, highlighting the critical need for enhanced cybersecurity protocols and transparent communication from affected companies.

 

To delve deeper into this topic, please read the full article on Bleeping Computer