A recent report has emerged, revealing how data of millions of registered users on the Teespring platform was found on the dark web . The Teespring platform allows users to create and sell custom-printed apparel.
According to the report , the database was leaked on Sunday and was made available as a 7zip file on the darknet forum.
The file also includes two SQL files, with the first file containing a database of over 8.2 million Teespring user records. The details on the file include the email addresses of the users, but do not include passwords.
Although the file doesn’t contain password details of the users, the email addresses can be used for potential phishing attacks in the future by other threat actors.
The second files on the database contain email account information of about 4.6 million users of the same platform.
But there is more information for other types of attacks on the second SQL file. The details include their email address, home addresses, OpenID identifiers for account login, Facebook profile, phone numbers, the users’ real names, as well as their usernames.
There were other details the hackers who posted the database did not release on the forum.
The good news about the incidents is that many of the accounts do not have all this information filed on their Teespring profile. As a result, it reduces the level of attack the leaked database would have been subjected to.
And because password data is not included in the leaked file, the users may still keep their details safe from any fishing details. However, because the hackers didn’t post any password details doesn’t mean they were not stolen too. The hackers may not want to release them if they have them and have intentions to sell to the highest bidder.
For the second time in a week, the ShiniHunters have been mentioned as possible threat actors responsible for the breach. However, they may not be the original hacker but only had access to post them on the forum.
While the ShinyHunters claimed responsibility for the hack of 1.9 million user records of the Pixlr platform, they didn’t claim they are responsible for this breach. So, the original hackers could have more details of the beach, including user passwords.
Teesingspring data was initially put out for sale on the same darknet forum a month ago before it was later exposed to the public for free last week. The move by ShinyHunters could be part of the common practice by data brokers to sabotage the sales of rivals.
A Teespring spokesperson revealed that the firm is aware of the hacking incident, as it has announced it on December 1st, 2020. According to the spokesperson, the hacking incident occurred in June last year when a threat actor successfully stole user data from its cloud infrastructure.
Teespring mentioned that the breach could have come from one of its third parties. The spokesperson said a third party service Wayday requited to have access to some parts of its at some time ago. To grant access to the third party, a technology called OAuth was used.
Teespring said it is looking at the possibility that its data was stolen and compromised via this technology.
Teespring added that Wayday retained the Oauth technology used for accessing Teespring and many other firms. The token was employed to gain access to the Teespring server and infrastructure.
The hacking incident at Wayday was extensively covered in the news when it happened in July last year.
Teespring was founded a decade ago and has risen to become a very popular company on the internet, ranking at number 1,410 out of the 1,500 most popular sites on the internet.
The company has millions of users and a very active user-base due to the type of service it offers.
With the latest hacking incident of Waydey now affecting the custom printed apparel sharing site, the company is now facing a setback.
The Wayday breach has also affected other companies and the last may not be heard about the long list of victims from the incident.