Data Breach Summary
In a significant security breach, niobooks.in, an online bookstore based in India, fell victim to a breach that resulted in the exposure of sensitive personal information. InsecureWeb, a dedicated dark web scanning company, detected the breach on September 2023. The responsible hacker, known as “sumo,” published the leaked data on the dark web forum named “sumo.”
The breach involved unauthorized access to a database containing a substantial amount of sensitive customer information from niobooks.in. The compromised data includes customer IDs, first names, last names, email addresses, mobile numbers, OTP secret keys, password details, freeze status, password digests, and roles.
Where and How?
This breach occurred within the dark web forum known as “sumo,” which is notorious for hosting illegal activities and the publication of stolen information. The hacker, “sumo,” was responsible for exposing the stolen data, which included personal information related to niobooks.in customers.
Further investigation revealed that the breach specifically targeted the customer database of niobooks.in. The unauthorized access allowed the hacker to obtain a significant amount of customer data, compromising personal details such as names, email addresses, contact numbers, and password-related information.
A Screenshot of the data can be found below:
Company Data Breach History
To date, there is no known history of security breaches reported for niobooks.in. However, this breach highlights the evolving threat landscape faced by online businesses, stressing the importance of implementing robust security measures to protect sensitive customer data.
Niobooks.in is actively cooperating with cybersecurity experts to investigate the breach thoroughly. They are working diligently to enhance their security protocols and prevent future incidents, addressing any vulnerabilities that may have contributed to the breach.
Recommendations for Personal Data Protection
How Users Can Protect Their Information
To protect their personal information and accounts from being compromised, users should take the following steps:
– Change their passwords frequently, with a combination of letters, numbers, and symbols.
– Enable two-factor authentication whenever possible.
– Use unique passwords for each account, to prevent hackers from accessing multiple accounts with the same password.
– Be cautious of suspicious emails or messages, as they may contain phishing links that can compromise their accounts.
– Regularly monitor their accounts for any suspicious activity.
What is InsecureWeb?
InsecureWeb is a Dark Web monitoring service that keeps track of recent data breaches and tracks their impact by monitoring the darkest places of the internet. InsecureWeb notifies users and enterprises when their data has been found online and helps them mitigate the impact.