Carousell Group

A database of user accounts that were stolen from online marketplace Carousell was sold on the Dark Web and hacking forums.

The database, which allegedly contained 2.6 million accounts’ information, is being sold for $1,000.

The data was compromised after a bug was introduced during a system migration and used by a third party to gain unauthorised access.

Hackers also uploaded the 2GB database two days before Carousell confirmed the breach.

The leak contains victims’ usernames, first and last names, e-mail addresses, mobile phone numbers, country of origin, date of account creation and a number of followers.

Source: https://www.asiaone.com/singapore/carousell-data-breach-info-26-million-accounts-allegedly-sold-dark-web-hacking-forums

"id": "CAR1831122",
"linkid": "carousellgroup",
"type": "Breach",
"date": "10/2022",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"