A database of user accounts that were stolen from online marketplace Carousell was sold on the Dark Web and hacking forums.
The database, which allegedly contained 2.6 million accounts’ information, is being sold for $1,000.
The data was compromised after a bug was introduced during a system migration, which a third party then used to gain unauthorised access.
Hackers also uploaded the 2GB database two days before Carousell confirmed the breach.
The leak contains victims’ usernames, first and last names, e-mail addresses, mobile phone numbers, country of origin, date of account creation and number of followers.
TPRM report: https://scoringcyber.rankiteo.com/company/carousellgroup
"id": "car1831122",
"linkid": "carousellgroup",
"type": "Breach",
"date": "10/2022",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"
{'affected_entities': [{'customers_affected': '2.6 million',
'industry': 'E-commerce',
'name': 'Carousell',
'type': 'Online Marketplace'}],
'attack_vector': 'System Migration Bug',
'data_breach': {'data_exfiltration': True,
'number_of_records_exposed': '2.6 million',
'personally_identifiable_information': True,
'sensitivity_of_data': 'Medium',
'type_of_data_compromised': ['usernames',
'first and last names',
'e-mail addresses',
'mobile phone numbers',
'country of origin',
'date of account creation',
'number of followers']},
'description': 'A database of user accounts that were stolen from online '
'marketplace Carousell was sold on the Dark Web and hacking '
'forums. The database, which allegedly contained 2.6 million '
'accounts’ information, is being sold for $1,000. The data was '
'compromised after a bug was introduced during a system '
'migration and used by a third party to gain unauthorised '
'access. Hackers also uploaded the 2GB database two days '
'before Carousell confirmed the breach. The leak contains '
'victims’ usernames, first and last names, e-mail addresses, '
'mobile phone numbers, country of origin, date of account '
'creation and a number of followers.',
'impact': {'data_compromised': ['usernames',
'first and last names',
'e-mail addresses',
'mobile phone numbers',
'country of origin',
'date of account creation',
'number of followers']},
'initial_access_broker': {'data_sold_on_dark_web': True},
'motivation': 'Financial Gain',
'post_incident_analysis': {'root_causes': 'System Migration Bug'},
'title': 'Carousell Data Breach',
'type': 'Data Breach',
'vulnerability_exploited': 'System Migration Bug'}