Data Breach Summary
Shein.com, an online clothing retailer, suffered a data breach that resulted in the theft of 38.5 MB of personal information, including email addresses and encrypted passwords for customers’ online store accounts. The breach was discovered by InsecureWeb on March 27, 2023, and was posted by Pavlov on HydraMarket on the same day.
Where and How?
The data breach was found on HydraMarket, a dark web forum known for selling stolen data. Pavlov, a notorious dark web hacker, posted the data on this forum, and it was discovered by InsecureWeb during a routine scan of the dark web.
A Screenshot of the data can be found below:
%20Shein.com%206.42%20million%20Leaked%20by%20Pavlov%2C%2003-27-2023.png)
Company Data Breach History
This is not the first data breach that Shein.com has experienced. In 2018, the company suffered a major data breach that resulted in the theft of 6.42 million user accounts. The breach was caused by a vulnerability in the company’s website, which allowed hackers to gain access to sensitive information. This site is working with cybersecurity experts to further investigate the incident and is taking steps to strengthen its security measures in order to prevent similar breaches from occurring in the future.
Recommendations for Personal Data Protection
How Users Can Protect Their Information
To protect their personal information and accounts from being compromised, users should take the following steps:
– Change their passwords frequently, with a combination of letters, numbers, and symbols.
– Enable two-factor authentication whenever possible.
– Use unique passwords for each account, to prevent hackers from accessing multiple accounts with the same password.
– Be cautious of suspicious emails or messages, as they may contain phishing links that can compromise their accounts.
– Regularly monitor their accounts for any suspicious activity.
What is InsecureWeb?
InsecureWeb is a Dark Web monitoring service that keeps track of recent data breaches and tracks their impact by monitoring the darkest places of the internet. InsecureWeb notifies users and enterprises when their data has been found online and helps them mitigate the impact.