Chinese shopping platform Pandabuy told BleepingComputer it previously paid a a ransom demand to prevent stolen data from being leaked, only for the same threat actor to extort the company again this week.
exposing customer names, phone numbers, email addresses, login IP addresses, home addresses, and order details.
So, nothing important? You know what else has names, phone numbers, home addresses, etc? Publicly available databases. It’s called a phone book. IP addresses? Please. It’s not static anyway and it might just lead to a VPN.
I’d be interested in your full name, address, your phone numbers, your email adresses, birth date and credit information (which is probably in the order details)
It’s what they can do with all of it together. Particularly about calling you and pretending to be a real company, phishing you, because if they called your phone and confirmed your email, name, and home address and order details with you, then it’s likely many people would believe them.
So, nothing important? You know what else has names, phone numbers, home addresses, etc? Publicly available databases. It’s called a phone book. IP addresses? Please. It’s not static anyway and it might just lead to a VPN.
To prove your point, please dox yourself.
I’d be interested in your full name, address, your phone numbers, your email adresses, birth date and credit information (which is probably in the order details)
It’s what they can do with all of it together. Particularly about calling you and pretending to be a real company, phishing you, because if they called your phone and confirmed your email, name, and home address and order details with you, then it’s likely many people would believe them.