A customer database containing the private information of 1.1 million RedMart user accounts was breached, and this information was then sold on an internet forum.
The data leak was confirmed by a representative for e-commerce behemoth Lazada, which also owns e-grocer Redmart.
It was discovered that the stolen personal data included names, phone numbers, e-mail addresses, mailing addresses, passwords that were encrypted, and a portion of credit card numbers.
Customers were also cautioned by Lazada to watch out for phishing emails, in which con artists pose as Lazada representatives and request critical information.
TPRM report: https://scoringcyber.rankiteo.com/company/redmart
"id": "red4498523",
"linkid": "redmart",
"type": "Data Leak",
"date": "10/2023",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': 1100000,
'industry': 'E-grocer',
'name': 'RedMart',
'type': 'E-commerce'}],
'customer_advisories': 'Customers were cautioned by Lazada to watch out for '
'phishing emails.',
'data_breach': {'data_encryption': 'Passwords were encrypted',
'data_exfiltration': 'Yes',
'number_of_records_exposed': 1100000,
'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Personal Information',
'Payment Information']},
'description': 'A customer database containing the private information of 1.1 '
'million RedMart user accounts was breached, and this '
'information was then sold on an internet forum.',
'impact': {'data_compromised': ['names',
'phone numbers',
'e-mail addresses',
'mailing addresses',
'encrypted passwords',
'a portion of credit card numbers']},
'initial_access_broker': {'data_sold_on_dark_web': 'Yes'},
'response': {'communication_strategy': 'Customers were cautioned by Lazada to '
'watch out for phishing emails.'},
'title': 'RedMart Data Breach',
'type': 'Data Breach'}