South Korean E-Commerce Site Gmluxmall.com Compromised
Gmluxmall.com hit by a data breach! Personal and transactional info of 138,000 users leaked. Find out what happened and how to protect yourself. #DataBreach #Cybersecurity
Gmluxmall.com is an online retail store based in South Korea, known for offering a variety of products ranging from electronics to fashion items. While not as prominent globally as major e-commerce giants, Gmluxmall.com caters primarily to South Korean consumers, providing a localized shopping experience.
Breach Details:
- Date of Breach: April 2024
- Threat Actor: The breach was orchestrated by a user named IntelBroker, in collaboration with Sangisero and EnergyWeaponUser. The incident was publicized on a known dark web forum, BreachForums, indicating that the data was made available for download shortly after the breach.
- Exposed Data: The breach compromised the personal information of approximately 138,000 users. The leaked data includes:
- Order Information: Order IDs, order types, order dates, statuses, and product details.
- User Information: User IDs, contact information (phone numbers, addresses), and registration details.
- Transaction Data: Product codes, pricing details, and delivery information.
The exposed information is extensive, covering both personal identifiers and transactional data, which could potentially be used for identity theft, targeted phishing attacks, and fraud.
Threat Actor Profile:
- IntelBroker: Known within cybersecurity circles for involvement in multiple high-profile data breaches, IntelBroker has a reputation for exploiting vulnerabilities in e-commerce platforms and selling or leaking the acquired data on dark web forums. The individual or group has been active since at least 2023, with ties to various hacking communities.
- Collaborators: Sangisero and EnergyWeaponUser, who assisted in this breach, are also recognized for their activities in cybercrime forums, often collaborating on breaches that target retail and e-commerce databases.
Previous Breaches:
While there is no widely known history of previous breaches involving Gmluxmall.com, the recent incident underscores a growing trend of cyberattacks targeting South Korean e-commerce platforms. The increasing sophistication of cybercriminals, combined with the potentially lucrative rewards from such attacks, makes smaller retailers like Gmluxmall.com prime targets.
Context:
The breach at Gmluxmall.com comes amid a broader wave of cyberattacks against e-commerce sites globally. With the rise of online shopping, especially during and after the COVID-19 pandemic, hackers have increasingly focused on exploiting vulnerabilities in online platforms to steal user data and financial information. This trend underscores the need for robust cybersecurity measures across all levels of online retail, from small businesses to multinational corporations.