Cybernews
  • News
  • Editorial
  • Security
  • Privacy
    • What is a VPN?
    • What is malware?
    • How safe are password managers?
    • Are VPNs legal?
    • More resources
    • Strong password generator
    • Personal data leak checker
    • Antivirus software
    • Best VPN services
    • Password managers
    • Secure email providers
    • Best website builders
    • Best web hosting services
  • Follow
    • Twitter
    • Facebook
    • YouTube
    • Linkedin
    • Flipboard
    • Newsletter

© 2021 CyberNews - Latest tech news, product reviews, and analyses.

Our readers help us create quality content. If you purchase via links on our site, we may receive affiliate commissions. Learn more

Home » Security » Hacker on hacker crime: personal information of 24,000 illegal data buyers leaked online

Hacker on hacker crime: personal information of 24,000 illegal data buyers leaked online

by CyberNews Team
12 March 2021
in Security
0
Hacker on hacker crime: personal information of 24,000 illegal data buyers leaked online
0
SHARES

Could the leak spell doom for former customers of the illicit data brokerage WeLeakInfo?

A user on a popular hacker forum is selling a database containing highly sensitive information of more than 24,000 customers of the now-defunct illegal online service WeLeakInfo. 

Before it was shut down by the FBI in January 2020, WeLeakInfo was a website that had been selling access to stolen information scraped from more than 10,000 data breaches, which contained over 12 billion indexed user credentials, including names, usernames, email addresses and passwords for online accounts.

The forum user is selling the highly sensitive information of former WeLeakInfo customers – including their full names, IP addresses, street addresses, and phone numbers – for about $2 in virtual forum currency. 

For the customers who used their real names and personal payment accounts to make the illegal purchases, this leak, if genuine, is tantamount to doxxing.

To see if any of your online accounts were exposed in previous security breaches, use our personal data leak checker with a library of 15+ billion breached records.

What was leaked?

The author of the forum post is selling a ZIP archive that contains payment data of WeLeakInfo customers who made their illicit purchases via Stripe, including:

  • Full names
  • Partial credit card data
  • Transaction dates and their Stripe reference numbers
  • Currencies and amounts paid for stolen data
  • Email addresses
  • IP addresses
  • User Agents (used to identify the browser/device used by the customer)
  • Street addresses
  • Phone numbers

Contents of the WeLeakData ZIP archive:

Stripe dashboard data included in the WeLeakData samples:


Examples of Stripe payment information included in the WeLeakData samples:


Fortunately for the people who bought illicit data from WeLeakInfo via PayPal or Bitcoin, their information is not included in the leak. In the words of the author, they’re “all good.”

How the data was acquired: an oversight by the FBI?

The user who is selling the WeLeakData archive on the hacker forum claims that the FBI might have missed a spot during the seizure of the original WeLeakInfo domain. According to the forum post author, there was a separate domain associated with the WeLeakInfo service that was used to process payments made by people who bought stolen data via Stripe. And it seems that the payment website was, inadvertently or not, allowed to expire in March 2021. 

This means that after the website expired, anyone could have claimed the domain as their own. Which the cheeky forum user seemingly did on March 11. 

The author claims they were then able to perform a password reset against the Stripe.com account that was potentially associated with one of the two owners of WeLeakInfo, and gain access to all the data from the website, which seems to have operated for less than a year and accumulated sales of a little over £100,000 from 24,603 customers. 

Judging from the samples of data provided by the author, the age of the Stripe account owner is consistent with the FBI’s information about the arrested owners of WeLeakInfo.

What’s the impact of the leak?

The information found in the WeLeakData archive could come back to bite the website’s former users in a variety of ways. 

First and foremost, threat actors could use the data to identify the users and blackmail or extort them, or try to breach their other online accounts via social engineering. The latter, however, would probably be unlikely to succeed as people who know where to purchase illicit information are usually quite adept at protecting their own data.

On the other hand, could this spell doom for more than 24,000 users whose personal details are now accessible to law enforcement agencies? Back in January 2021, a year after the website was seized, the UK’s National Crime Agency arrested 21 people across the country as part of an operation targeting former WeLeakData customers, which means that law enforcement already had data on at least some of the customers. Could this number grow a thousand-fold this year?

So, next time you see an ‘accounts for sale’ ad somewhere on the web, it’s worth keeping in mind that not every service you can buy online is legal: always make sure you’re not breaking the law when buying any kind of information or data.

The importance of safe domain hygiene

For organizations on the legitimate side of business, leaks like this show why detaching your domain from all of your online accounts is incredibly important. This is especially true if you’re switching to a different domain.

If you don’t want to wake up to see confidential company data sold on some hacker forum, make sure to keep tabs on your domain expiry dates. Otherwise, someone can snatch your domain on the day of expiry, take it over and access all of the accounts attached to it.

ShareTweetShareShare
Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

I agree to the Terms & Conditions and Privacy Policy.

Editor's choice

500M LinkedIn user records sold on hacker forum
News

Scraped data of 500 million LinkedIn users being sold online, 2 million records leaked as proof

by CyberNews Team
6 April 2021
4

We updated our leak checker database with more than 780,000 email addresses associated with this leak...

Read more
LinkedIn, FB, Twitter, Clubhouse apps seen on an iPhone

Recent Facebook, LinkedIn and Clubhouse leaks explained

15 April 2021
Cheapest tool to kill satellites? A computer

Cheapest tool to kill satellites? A computer

13 April 2021
A gift to criminals and tyrants? Soon, wireless devices could become object sensors

A gift to criminals and tyrants? Soon, wireless devices could become object sensors

13 April 2021
“Not ideal” from a privacy standpoint: Clubhouse API lets “anyone” scrape public user data

“Not ideal” from a privacy standpoint: Clubhouse API lets “anyone” scrape public user data

12 April 2021
  • Categories
    • News
    • Editorial
    • Security
    • Privacy
  • Reviews
    • Antivirus Software
    • Password Managers
    • Best VPN Services
    • Secure Email Providers
    • Website Builders
    • Best Web Hosting Services
  • Tools
    • Password Generator
    • Personal Data Leak Checker
  • Engage
    • About Us
    • Send Us a Tip
    • Careers
  • Twitter
  • Facebook
  • YouTube
  • Linkedin
  • Flipboard
  • Newsletter
  • About Us
  • Contact
  • Send Us a Tip
  • Privacy Policy
  • Terms & Conditions
  • Vulnerability Disclosure

© 2021 CyberNews - Latest tech news, product reviews, and analyses.

This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy Policy.
Subscribe For Security Tips And CyberNews Updates
Email address is required. Provided email address is not valid. You have been successfully subscribed to our newsletter!
Our Privacy Policy and Terms & Conditions

Home

News

Editorial

Security

Privacy

Resources

  • About Us
  • Contact
  • Careers
  • Send Us a Tip

© 2020 CyberNews – Latest tech news, product reviews, and analyses.