Mercado Libre

Nov 29, 2022 — 1 min read

Latin American e-commerce giant Mercado Libre suffered a cyber-attack by the LAPSUS$ group that exposed the data of 300,000 customers.

The data stolen did not contain sensitive information such as payment details or passwords.

Source: https://www.incibe-cert.es/en/early-warning/cybersecurity-highlights/cyberattack-mercado-libre-exposes-user-data

TPRM report: https://scoringcyber.rankiteo.com/company/mercadolibre

"id": "mer2221181122",
"linkid": "mercadolibre",
"type": "Ransomware",
"date": "03/2022",
"severity": "80",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"

{'affected_entities': [{'customers_affected': 300000,
                        'industry': 'E-commerce',
                        'location': 'Latin America',
                        'name': 'Mercado Libre',
                        'type': 'E-commerce Company'}],
 'data_breach': {'number_of_records_exposed': 300000,
                 'sensitivity_of_data': 'Non-sensitive',
                 'type_of_data_compromised': 'Customer data'},
 'description': 'Latin American e-commerce giant Mercado Libre suffered a '
                'cyber-attack by the LAPSUS$ group that exposed the data of '
                '300,000 customers. The data stolen did not contain sensitive '
                'information such as payment details or passwords.',
 'impact': {'data_compromised': 'Customer data'},
 'threat_actor': 'LAPSUS$ Group',
 'title': 'LAPSUS$ Group Cyber Attack on Mercado Libre',
 'type': 'Data Breach'}

Published by

Harshit Kaur Bhatia

Mercado Libre

Google

Amazon Web Services

National Nuclear Security Administration (NNSA)