MLN, an Australian IT vendor, has its customer database leaked
Threat actors have leaked a database full of juicy information on Australian computer hardware provider MLN. Administrator-level access could potentially allow threat actors to access sensitive information.
A user on a private darknet forum is giving away a database with 21,807 accounts belonging to MLN, a Melbourne-based laptop vendor. Information collected by our researchers leads us to believe that hackers posted the database at the end of September.
CyberNews researchers have contacted the Australian Cyber Security Centre (ACSC) about the leak. The ACSC informed us they notified MLN and referred the matter to relevant law enforcement agencies.
We also contacted MLN, emailing the company, as well as using other means to reach out. MLN, however, did not respond to our queries regarding the leak. Since the ACSC could not inform us about what further actions were taken, we urge MLN customers to promptly change their passwords to prevent any account takeover attempts.
The database contains user IDs, account passwords, user levels, emails, phone numbers, names and surnames of account holders, country of residence, home addresses, and other sensitive information.
According to our researchers, the passwords are hashed with the infamous MD5 algorithm, which has been regarded as outdated for over a decade. MD5 has been shown to have a high chance of collisions, and its hashes are generally easy to reverse for anyone intending to view the original password.
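For operators who still hold MD5 password digests like the ones described above, the following added example (not code from the article, CyberNews, or MLN) shows one way to protect them at rest immediately and upgrade each account at its next login. The function names, record layout, iteration count, and sample password are assumptions made for illustration, and the legacy scheme is assumed to be plain unsalted MD5.

```python
import hashlib
import hmac
import os

ITERATIONS = 600_000  # assumed PBKDF2-HMAC-SHA256 work factor; tune per host

def legacy_md5(password):
    """Hex MD5 of the password (assumed unsalted legacy scheme)."""
    return hashlib.md5(password.encode()).hexdigest()

def _kdf(secret, salt):
    return hashlib.pbkdf2_hmac("sha256", secret.encode(), salt, ITERATIONS)

def wrap_legacy(md5_hex):
    """Wrap a stored MD5 digest in a salted KDF without knowing the password."""
    salt = os.urandom(16)
    return {"scheme": "pbkdf2(md5)", "salt": salt, "hash": _kdf(md5_hex, salt)}

def hash_new(password):
    """Record for a password hashed directly with the salted KDF."""
    salt = os.urandom(16)
    return {"scheme": "pbkdf2", "salt": salt, "hash": _kdf(password, salt)}

def verify(password, rec):
    """Return (ok, record). A wrapped legacy record is replaced on success."""
    wrapped = rec["scheme"] == "pbkdf2(md5)"
    secret = legacy_md5(password) if wrapped else password
    if not hmac.compare_digest(_kdf(secret, rec["salt"]), rec["hash"]):
        return False, rec
    # Successful login: drop the MD5 layer now that the plaintext is available.
    return True, hash_new(password) if wrapped else rec

if __name__ == "__main__":
    # Constructed sample: two accounts that share one password.
    a, b = legacy_md5("Summer2021"), legacy_md5("Summer2021")
    print("MD5 digests identical:", a == b)        # same digest, so one guess covers both
    ra, rb = wrap_legacy(a), wrap_legacy(b)
    print("wrapped records identical:", ra["hash"] == rb["hash"])
    ok, upgraded = verify("Summer2021", ra)
    print("login ok:", ok, "-> scheme now", upgraded["scheme"])
```

Wrapping should be run once over the whole table and the raw MD5 column deleted afterwards; the wrapped form only helps if the original digests no longer exist anywhere, including backups.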
All accounts in the leaked database seem to have at least some sort of access privilege. User levels are likely simply numbered from 1 to 9, with a higher number indicating a higher level of access for the account.
Level 1 likely indicates a user-level account meant to access the shopping cart and their profile. A level 9 account password, likely that of a system admin, is included in the leaked database.
Contrary to cyber security good practice, the password does not contain any special symbols or case-specific characters.
We've noted, for example, that one level 5 account password in the database doesn't even contain numbers. According to our leaked password checker, the password appeared over 4,600 times in other leaks, pointing to inadequate password strength.
Our researchers also found two level 7 accounts included in the database. Administrator-level access to a database containing information on retail clients and customers can be potentially very damaging.
For one, hackers can access the business CMS and extract even more data on MLN's partners and clients. That could potentially include extremely sensitive information on payments and invoices.
MLN claims to sell laptops, notebooks, PCs, business products, cameras, and other gadgets. The company primarily operates in Australia but claims to ship its products worldwide.
What to do if your password was leaked?
If you suspect that one or more of your passwords may have been leaked, we recommend taking the following steps in order to secure your data and avoid potential harm from threat actors:
- Use our personal data leak checker and leaked password checker to see if your data has been leaked in this or other breaches.
- If your data has been compromised, make sure to change your passwords across your online accounts. You can easily generate complex passwords with our strong password generator or consider using a password manager.
- Enable two-factor authentication (2FA) on all of your online accounts.
- Watch out for incoming spam emails, unsolicited texts, and phishing messages. Don’t click on anything that seems suspicious, including emails and texts from senders you don’t recognize.