2.7 C
London
Saturday, January 28, 2023

A network of counterfeit clothing stores has exposed 330,000 customer credit cards • londonbusinessblog.com

Must read

Warner Bros. stole our Harry Potter wand’s IP address, says Kano • londonbusinessblog.com

canoethe British start-up known for its own computer kits and software for learning coding and associated STEM skills, Warner Bros. accused of copying...

Adani Enterprises’ ₹20,000 crore FPO is now open, analysts remain cautiously optimistic

Adani The follow-on public offering (FPO) of ₹20,000 crore from companies has received mixed reception from brokers, who underline that the bet on green...

Southwest develops software fixation to prevent travel meltdowns

After the disastrous Christmas travel season, which saw 16,700 flight cancellations, Southwest Airlines is testing new software solutions - and facing an investigation from...

Did Sssniperwolf’s boyfriend cheat on her? Explore relationship

Alia Shelesh, also known as SSSniperwolf or Lia Wolf, is a YouTuber, gamer and social media influencer from the United Kingdom. Her most...
Shreya Christinahttps://londonbusinessblog.com
Shreya has been with londonbusinessblog.com for 3 years, writing copy for client websites, blog posts, EDMs and other mediums to engage readers and encourage action. By collaborating with clients, our SEO manager and the wider londonbusinessblog.com team, Shreya seeks to understand an audience before creating memorable, persuasive copy.

If you have recently made a purchase from a foreign online store that sells fake clothes and items, there is a chance that your credit card number and personal information have been exposed.

Since Jan. 6, a database containing hundreds of thousands of unencrypted credit card numbers and associated cardholder information has been circulating the open web. At the time it was taken offline on Tuesday, the database contained about 330,000 credit card numbers, cardholder names, and full billing addresses — and this number rose in real time as customers placed new orders. The data contains all the information a criminal would need to make fraudulent transactions and purchases using a cardholder’s data.

The credit card numbers belong to customers who have made purchases through a network of nearly identical online stores claiming to sell designer goods and clothing. But the stores had the same security problem in common: Every time a customer made a purchase, their credit card and billing information was stored in a database, which was put on the Internet without a password. Anyone who knew the IP address of the database had access to large amounts of unencrypted financial data.

Anurag Sen, a good faith security researcher, found the exposed credit card information and asked londonbusinessblog.com for help reporting it to the owner. Sen has a respectable track record of scanning the Internet for exposed servers and inadvertently published data, reporting it to companies to secure their systems.

But in this case, Sen wasn’t the first person to discover the spilled data. According to a ransom note left in the exposed database, someone else had found the leaked data and instead of trying to identify the owner and report the leak responsibly, the unnamed person instead claimed to have made a copy of the entire contents of the database of credit card information and would return it in exchange for a small amount of cryptocurrency.

A review of the data by londonbusinessblog.com shows that most credit card numbers are owned by cardholders in the United States. Several people we contacted confirmed that their disclosed credit card information was accurate.

londonbusinessblog.com has identified several online stores whose customer data has been exposed by the leaked database. Many of the stores claim to operate from Hong Kong. Some stores are designed to sound like big brands, like Sprayground, but whose websites have no discernible contact information, typos and spelling errors, and a noticeable lack of customer reviews. Internet registrations also show that the websites have been set up in recent weeks.

Some of these websites are:

  • spraygroundusa.com
  • ihuahebuy.com
  • igoodlinks.com
  • ibuysbuy.com
  • lichengshop.com
  • hzoushop.com
  • goldlyshop.com
  • haohangshop.com
  • twinklebubble.store
  • spendidbuy.com

If you’ve bought something on one of those sites in the past few weeks, you might want to consider that your debit card has been compromised and contact your bank or card provider.

It is not clear who is responsible for this network of counterfeit stores. londonbusinessblog.com contacted a person via WhatsApp whose Singapore registered phone number was listed as a contact point in several online stores. It’s not clear if the listed contact number is even involved with the stores, as one of the websites listed the location as a Chick-fil-A restaurant in Houston, Texas.

Internet records showed that the database was maintained by a Tencent customer, whose cloud services were used to host the database. londonbusinessblog.com contacted Tencent about the leak of credit card information in its customer’s database, and the company responded quickly. A short time later, the customer’s database went offline.

“When we learned of the incident, we immediately contacted the customer who manages the database and it was immediately shut down. Data privacy and security are top priorities at Tencent. We will continue to work with our customers to ensure they maintain their databases securely,” said Carrie Fan, Global Communications Director at Tencent.

Read more:


More articles

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest article

Warner Bros. stole our Harry Potter wand’s IP address, says Kano • londonbusinessblog.com

canoethe British start-up known for its own computer kits and software for learning coding and associated STEM skills, Warner Bros. accused of copying...

Adani Enterprises’ ₹20,000 crore FPO is now open, analysts remain cautiously optimistic

Adani The follow-on public offering (FPO) of ₹20,000 crore from companies has received mixed reception from brokers, who underline that the bet on green...

Southwest develops software fixation to prevent travel meltdowns

After the disastrous Christmas travel season, which saw 16,700 flight cancellations, Southwest Airlines is testing new software solutions - and facing an investigation from...

Did Sssniperwolf’s boyfriend cheat on her? Explore relationship

Alia Shelesh, also known as SSSniperwolf or Lia Wolf, is a YouTuber, gamer and social media influencer from the United Kingdom. Her most...

The Untold Truth of Stephen Hawking’s Son

 Who is Stephen Hawking's son, Robert Hawking? Wiki bioRobert Hawking was born in the United Kingdom on May...