Information of 1.3 million users allegedly exposed


Popular online shopping platform PandaBuy has reportedly suffered a massive data breach, affecting more than 1.3 million users. The PandaBuy data breach was posted on a dark web forum in collaboration with two malicious actors: Sanggiero and IntelBroker.

The two hackers exploited vulnerabilities in PandaBuy’s systems, including critical flaws in its API. These weaknesses granted unauthorized access to sensitive user data, including user IDs, names, contact details, login IP addresses, and order history.

Alleged PandaBuy Data Breach Claims on the Dark Web

Alleged PandaBuy data breach
Source: Dark Web

PandaBuy, known for allowing overseas consumers to purchase products from Chinese e-commerce giants like Tmall, Taobao and, did not confirm the report. data breach. Howeer, regional director of Microsoft, Hunt for Troy confirmed that the leaked data “did indeed come from Pandabuy”.

Hunt also revealed that the data samples provided by the hackers had “made-up email addresses” that were not part of the original leak, proving that the threat actors’ “3 million” claim was an exaggeration and that the leaked data was limited to 1.3 million accounts.

PandaBuy data breach
Source: Troy Hunt on X

The PandaBuy data breach came to light when “Sanggiero” published an article about the incident on March 31, 2024, announcing the leak of the PandaBuy database upload to a website. hacking forum.

The threat actor’s message reads: In April 2024, almost 3 million rows of data from shopping company Pandabuy were published on a popular site. piracy forum. The data was stolen by exploiting several critical vulnerabilities in the platform’s API and other bugs were identified allowing access to the site’s internal service.

Decoding sample data

Alongside the PandaBuy data breach post, threat actor Sanggiero shared a series of data samples while conversing with other forum members. The Cyber ​​Express analyzed these sample data and found a structured data set of order requests from the PandaBuy platform.

Each row in the dataset represents a customer request regarding their orders, providing information on various aspects such as order cancellations, size adjustments, shipping updates, refunds, and product queries. order status.

The Cyber ​​Express contacted the e-commerce organization to learn more about this data breach PandaBuy. However, at the time of writing, no official statement or response has been received, leaving the PandaBuy data leak allegations unconfirmed.

IntelBroker’s involvement

The likelihood that this PandaBuy data breach is true is due to the fact that IntelBroker, a solo hacker, is also involved in the incident. For its archives, Intel Broker has claimed responsibility for numerous cyberattacks and the majority of them have been proven to be true.

In addition, exclusively interview with the hacker, TCE discovered that the hacker worked alone and had claimed data breaches on organizations like the Los Angeles Airport. Discussing his modus operandi with TCE, IntelBroker discussed his hacking journey, cleared up misconceptions and addressed his involvement in CyberNegroes.

The hacker highlighted breaches that deserved more attention and shared his insights into the depths Dark web and data breaches. The hacker advocates transparency in manipulation cybersecurity incidents and admires Sanggiero of BreachForums for his contributions.

As for the PandaBuy data breach, tThis is an ongoing story and The Cyber ​​Express will closely monitor the situation. We will update this article once we have more information about the alleged Pandabuy data breach or any official confirmation from the organization.

Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only and users take full responsibility for their reliance on it. The Cyber ​​Express assumes no responsibility for the accuracy or consequences of the use of this information.

Leave a comment