Data Breach Summary
In a significant breach affecting bilisremitonline.com, an online remittance service in the Philippines, sensitive customer data was compromised. This breach was detected by our diligent dark web scanning team at InsecureWeb on July 8, 2023. The responsible hacker, known as “sumo,” shared the stolen data on the dark web forum “Cronos.”
The breach involved unauthorized access to a database containing a substantial amount of sensitive information from bilisremitonline.com. The compromised data includes IDs, date added, reference numbers, transaction amounts, currencies, seller and buyer names, addresses, contact numbers, transaction statuses, filenames, and reasons for cancellation.
Where and How?
This breach occurred predominantly on the dark web forum “Cronos,” notorious for hosting illegal activities, including data breaches and the trade of stolen information. The hacker, “sumo,” played a major role in disclosing the compromised customer data, which comprised vital transaction details associated with bilisremitonline.com.
Further investigation revealed that the breach specifically targeted the company’s database, compromising sensitive information related to customer remittances. Unauthorized access allowed the hacker to obtain transaction data such as IDs, reference numbers, transaction amounts, currencies, seller and buyer names, addresses, contact numbers, transaction statuses, filenames, and reasons for cancellation.
A Screenshot of the data can be found below:
Company Data Breach History
To the best of our knowledge, there is no known history of security breaches reported for bilisremitonline.com. However, this breach highlights the evolving threat landscape faced by remittance service providers, emphasizing the importance of robust security measures to protect sensitive customer data.
bilisremitonline.com is actively addressing the breach, working closely with cybersecurity experts to investigate the incident comprehensively. Their aim is to enhance security protocols, identify any vulnerabilities, and prevent future breaches that could compromise customer data integrity and erode public trust.
Recommendations for Personal Data Protection
How Users Can Protect Their Information
To protect their personal information and accounts from being compromised, users should take the following steps:
– Change their passwords frequently, with a combination of letters, numbers, and symbols.
– Enable two-factor authentication whenever possible.
– Use unique passwords for each account, to prevent hackers from accessing multiple accounts with the same password.
– Be cautious of suspicious emails or messages, as they may contain phishing links that can compromise their accounts.
– Regularly monitor their accounts for any suspicious activity.
What is InsecureWeb?
InsecureWeb is a Dark Web monitoring service that keeps track of recent data breaches and tracks their impact by monitoring the darkest places of the internet. InsecureWeb notifies users and enterprises when their data has been found online and helps them mitigate the impact.