If you have recently made a purchase from an overseas online store that sells counterfeit clothing and goods, it is likely that your credit card number and personal information have been exposed.
Since January 6, a database containing hundreds of thousands of unencrypted credit card numbers and corresponding cardholder information has flooded the open web. At the time of Tuesday’s outage, the database contained approximately 330,000 credit card numbers, cardholder names, and full billing addresses — and grew in real time as customers placed new orders. The data contains all the information criminals need to make fraudulent transactions and make purchases using the cardholder’s information.
Credit card numbers belonging to customers who made purchases through a network of nearly identical online stores claiming to sell designer and clothing items. But the stores all share a common security problem: whenever a customer makes a purchase, their credit card data and payment information are stored in a database, which is deleted. exposed to the internet without a password. Anyone who knows the database’s IP address can access a wide range of unencrypted financial data.
Anurag Sen, a well-intentioned security researcher, found exposed credit card records and asked TechCrunch for help in reporting it to its owner. Sen has one venerable follow record scan the internet for exposed servers and inadvertently published data, and report it to companies to secure their systems.
But in this case, Sen is not the first to discover the leaked data. According to a ransom note left on the exposed database, someone else found the spilled data and instead attempted to identify the owner and responsibly report the incident. spilled, the unnamed person claimed to have obtained a copy of the entire database contents of the credit card data and would return that data in exchange for a small amount of cryptocurrency.
A review of TechCrunch data shows that most credit card numbers are owned by cardholders in the United States. Several people we have contacted have confirmed that their exposed credit card data is correct.
TechCrunch has identified several online stores whose customer information was exposed due to the leaked database. Many stores claim to operate outside of Hong Kong. Some stores are designed to resemble big-name brands, like Sprayground, but their websites lack clear contact information, typos and typos, and lack of customer reviews. Internet records also show sites that have been set up in the past few weeks.
Some of these sites include:
If you’ve purchased something from one of those sites in the past few weeks, you may want to look into your bank card for compromise and contact your bank or card provider.
It is not clear who is responsible for this network of fake shops. TechCrunch reached out to a person via WhatsApp with a Singapore registered phone number listed as a contact on several online stores. It is unclear if the contact listed is related to the stores, as one of the websites listed its location as a Chick-fil-A restaurant in Houston, Texas.
Internet records show the database is operated by a Tencent customer, whose cloud service is used to host the database. TechCrunch has reached out to Tencent about the leak of its customer database with credit card information, and the company responded quickly. The customer database went offline shortly after.
“When we became aware of the incident, we immediately contacted the customer operating the database and it was shut down immediately. Data privacy and security is a top priority at Tencent. We will continue to work with our customers to ensure they maintain their databases safely and securely,” said Carrie Fan, global communications director at Tencent.