OnlineTrade.ru

History

2024: Data breach of millions of users

In early March 2024, it became known that as a result of a hacker attack, the personal data of more than 3.8 million users of the online store "Online Trade" was leaked. According to reports, an attacker was involved in the hack, who had previously published on the Internet information about users of the educational portal GeekBrains and the logistics company SDEK.

It is known that during the invasion of the IT infrastructure of the Online Trade site, the attacker gained access to an extensive set of personal data of registered customers of the online store. These are, in particular, name, email address, phone number, hashed password, date of birth (not for all users), date of registration and last login to the profile, list of all IP addresses that the user applied. This information can be used to organize personalized phishing attacks and other fraudulent schemes aimed at stealing money.

Unsplash

Immediately after the attack, when trying to log into an account on the Online Trade platform, a password reset warning was issued. Initially, it was reported that the cybercriminal stole information about 3,744,188 customers of the online store. However, as of the beginning of March 2024, this figure increased to 3,805,265. Thus, the number of leaked records exceeded the initial estimate by more than 61 thousand.

Andrei Aristov, head of the Online Trade client service, said that Roskomnadzor had carried out an on-site check on the fact of the leak. It has been established that the company's employees have nothing to do with hacker hacking. At the same time, as noted, the Online Trade platform conducted an audit of the system and additional training of responsible persons, and also reset all passwords from customers' personal accounts.^[1]

Notes