Current Affairs
More than 3 million customer records from Sephora reportedly being peddled on Dark Web, says cybersecurity firm
According to a leading cybersecurity firm, more than three million records of customers of international cosmetics and beauty products retailer Sephora are reportedly up for sale on the Dark Web.
Singapore-based cybersecurity outfit Group-IB said in a media release on Thursday (1 Aug) that its cyber intelligence analysts located “two databases with customer data on underground forums that are likely to be related to Sephora”.
These databases are believed to contain records from February and March this year, which corresponds with the recent Sephora data breach that affected the personal data of its online customers in Singapore, Malaysia, Indonesia, Thailand, the Philippines, Hong Kong, New Zealand, and Australia.
CEO and founder of Group-IB Ilya Sachkov said in the media release that the first database was advertised on two Dark Web forums on 16 and 17 July, respectively.
According to the seller, the database “consists of 500,000 records including the usernames and hashed passwords from Sephora.co.id (Indonesia) and Sephora.co.th (Thailand)”.
“The listing’s author notes that the data comes from February 2019,” he added.
Meanwhile, the second database surfaced on an underground forum on 28 July, a day before the news of the breach was made known by Sephora.
“As its name implies “Sephora 2019/03 – Shopping – [3.2 million]”, the database contains 3.2 million records, and was leaked in March 2019,” said Mr Sachkov.
With its high-tech tools, Group-IB’s cyber intelligence team “infiltrated sources in closed hacking communities” and initiated contact with the seller, who then supplied the sample of the data being sold.
Mr Sachkov noted that the sample revealed that the database contains all sorts of personal data such as login, encrypted password, date of registration and last activity, IP of registration, last IP, gender, name, surname, ethnicity, eye color, skin tone, skin type, hair color, hair concerns, makeup essentials, and skincare routines.
He then pointed out that the set of data was priced at USD 1,900 (S$2,613).
Even though the records do not include any payment information or decrypted passwords, such detailed information about the customers can be used to carry out social engineering or targeted phishing attacks that is why the scale of the breach shouldn’t be underestimated,” he stated.
“As a precaution, we advise all customers who had accounts at Sephora to change their password, especially if they use the same login/password pair across multiple services, such as email and social media accounts, to avoid them being compromised,” he added.
TOC has reached out to Sephora earlier today for its comments on Group-IB’s findings. We have yet to receive a response, but will provide an update upon receiving a reply.
-
Singapore1 week ago
Purported resignation message from Li Hongyi as Singpass director goes viral; GovTech yet to confirm authenticity
-
Community1 week ago
PAP MP Edward Chia: ‘Sanctions on Israel do not work’ when confronted by Holland-Bukit Timah resident
-
Singapore1 week ago
Lee Hsien Yang alleges rising repression and corruption in Singapore; government calls claims a ‘personal vendetta
-
Opinion2 weeks ago
Where does Lee Hsien Loong stand on the future of 38 Oxley Road as the government revisits the issue?
-
Singapore2 days ago
PM Wong affirms government focus on Singapore’s priorities amid Lee Hsien Yang’s allegations
-
Politics2 weeks ago
Charles Yeo claims Singapore is seeking his extradition from UK; AGC remains silent
-
Comments2 weeks ago
Strong public support to honour Lee Kuan Yew’s demolition wish for 38 Oxley Road
-
Comments2 weeks ago
Netizens doubt Govt’s sincerity in honouring NSmen’s sacrifice with S$200 LifeSG credits