Comedian Studying Platform Coughs Up Private Particulars Of 23M Customers In Knowledge Breach
On: July 12, 2022
Last yr, a hacker who goes by the identify “pompompurin” managed to breach a Federal Bureau of Investigation (FBI) internet portal and ship out hundreds of hoax emails from an official FBI e-mail tackle. Just a pair weeks prior, pompompurin gained unauthorized entry to the inner community of the inventory buying and selling app Robinhood and stole consumer knowledge. The hacker then posted this stolen knowledge on the market on RaidForums with a minimal asking worth of 5 figures.
Fast ahead to this yr, and US legislation enforcement seized the domains of RaidForums and shut down the web site. However, pompompurin rapidly launched Breach Forums, a site supposed to take the place of RaidForums. Even although the location hasn’t been working for lengthy, Breach Forums has already been dwelling to info stolen in one of many largest knowledge breaches ever. While pompompurin might have his arms full working Breach Forums, he hasn’t retired from hacking.
Have I Been Pwned (HIBP), a web site that helps individuals decide whether or not their e-mail addresses or telephone numbers have been caught up in knowledge breaches, lately up to date its database with info from a knowledge breach that came about in May of this yr. This breach compromised the information of over 23 million Mangatoon customers. Mangatoon is a platform for studying comics, and the corporate has remained silent in regards to the breach, even after HIBP made the breach publicly identified. The breach uncovered the next consumer info:
Social media identities
Authentication tokens from social logins
Salted MD5 hashes of passwords
While Mangatoon hasn’t acknowledged the breach, pompompurin has come ahead to assert accountability for the incident. The hacker shared samples of the information, in addition to a screenshot of the folder containing all of the stolen databases, with BleepingComputer. The publication was in a position to affirm that the information contained within the samples corresponds to legitimate Mangatoon accounts. Pompompurin additionally knowledgeable BleepingComputer that he’ll possible leak the stolen knowledge in some unspecified time in the future.