cyber Breach

SPIROL

May 11, 2023 1 min read
SPIROL

SPIROL International, a US and European manufacturer and distributor of pins, inserts, and brass nuts for plastic components was breached by the hacker group called DeleteSec.

The leaked data contained the email addresses of over 70,000 of the company’s customers and also some records contained around 886 passwords.

The hackers informed that they leveraged an SQL Injection in the news section of the site to gain access to the data.

And the files were leaked after SPIROL allegedly threatened to have the hackers arrested.

Source: https://news.softpedia.com/news/Details-of-70-000-Users-Leaked-by-Hackers-From-Systems-of-SPIROL-International-428669.shtml

TPRM report: https://scoringcyber.rankiteo.com/company/spirol

"id": "spi162851222",
"linkid": "spirol",
"type": "Breach",
"date": "02/2014",
"severity": "60",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'customers_affected': 'Over 70,000',
                        'industry': 'Manufacturing',
                        'location': ['US', 'Europe'],
                        'name': 'SPIROL International',
                        'type': 'Manufacturer and Distributor'}],
 'attack_vector': 'SQL Injection',
 'data_breach': {'data_exfiltration': True,
                 'number_of_records_exposed': ['Over 70,000 email addresses',
                                               '886 passwords'],
                 'type_of_data_compromised': ['Email addresses', 'Passwords']},
 'description': 'SPIROL International, a US and European manufacturer and '
                'distributor of pins, inserts, and brass nuts for plastic '
                'components was breached by the hacker group called DeleteSec. '
                'The leaked data contained the email addresses of over 70,000 '
                'of the company’s customers and also some records contained '
                'around 886 passwords. The hackers informed that they '
                'leveraged an SQL Injection in the news section of the site to '
                'gain access to the data. And the files were leaked after '
                'SPIROL allegedly threatened to have the hackers arrested.',
 'impact': {'data_compromised': ['Email addresses', 'Passwords']},
 'initial_access_broker': {'entry_point': 'SQL Injection in the news section '
                                          'of the site'},
 'motivation': 'Unknown',
 'post_incident_analysis': {'root_causes': 'SQL Injection vulnerability'},
 'response': {'law_enforcement_notified': 'Threatened to have the hackers '
                                          'arrested'},
 'threat_actor': 'DeleteSec',
 'title': 'SPIROL International Data Breach',
 'type': 'Data Breach',
 'vulnerability_exploited': 'SQL Injection'}
Published by
Harshit Kaur Bhatia
Harshit Kaur Bhatia
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.