cyber Breach

Нова пошта

May 7, 2023 1 min read
Нова пошта

Nova Poshta has been accused of leaking the personal information of 500,000 users to the dark web.

An unidentified person sold the personal data of Nova Poshta clients in the dark web, an encrypted area of the internet that can only be accessed by special software.

The seller had offered two databases.

The first has 500,000 records of clients, with their full names, phone numbers, city of residence, passport information and email address.

The second has 18 million records but with less information, only names and numbers.

The seller is charging Hr 1,500 ($55) for a copy of the database with 500,000 clients.

Source: https://www.kyivpost.com/technology/personal-data-500000-nova-poshta-clients-allegedly-leaked-dark-web.html

TPRM report: https://scoringcyber.rankiteo.com/company/novaposhta

"id": "hob11267622",
"linkid": "novaposhta",
"type": "Breach",
"date": "02/2018",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"
{'affected_entities': [{'customers_affected': 500000,
                        'industry': 'Logistics',
                        'location': 'Ukraine',
                        'name': 'Nova Poshta',
                        'type': 'Company'}],
 'attack_vector': 'Data Leak',
 'data_breach': {'data_exfiltration': 'Yes',
                 'number_of_records_exposed': 500000,
                 'personally_identifiable_information': 'Yes',
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Personal Information']},
 'description': 'Nova Poshta has been accused of leaking the personal '
                'information of 500,000 users to the dark web. An unidentified '
                'person sold the personal data of Nova Poshta clients in the '
                'dark web, an encrypted area of the internet that can only be '
                'accessed by special software. The seller had offered two '
                'databases. The first has 500,000 records of clients, with '
                'their full names, phone numbers, city of residence, passport '
                'information, and email address. The second has 18 million '
                'records but with less information, only names and numbers. '
                'The seller is charging Hr 1,500 ($55) for a copy of the '
                'database with 500,000 clients.',
 'impact': {'data_compromised': ['Full names',
                                 'Phone numbers',
                                 'City of residence',
                                 'Passport information',
                                 'Email address']},
 'initial_access_broker': {'data_sold_on_dark_web': 'Yes'},
 'motivation': 'Financial Gain',
 'threat_actor': 'Unidentified',
 'title': 'Nova Poshta Data Leak',
 'type': 'Data Breach'}
Published by
Jeremy C
Jeremy C
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.