Data Breach Summary
In a recent security breach, WatchMarkaz.pk, a renowned online service specializing in the sale and distribution of watches, suffered a significant breach of sensitive customer information. The breach was detected by our team at InsecureWeb on August-2023, and the responsible hacker, known as “sumo,” leaked the compromised data on the dark web forum called “Cronos.li.”
The breach involved the exposure of a database containing 2.65MB of customer information, including unique identifiers (id), quantities, product names, product models, customer names, last names, email addresses, mobile numbers, region details, addresses, cities, phone numbers, and dates. This personally identifiable information (PII) was improperly accessed and subsequently published on the dark web.
Where and How?
The breach occurred within a dark web forum called “Cronos.li.” This elusive online community is known for facilitating illegal activities, including trading stolen information and coordinating cyberattacks. Here, hackers like “sumo” can anonymously exchange and sell compromised data.
During our investigations, it was revealed that the breach affected WatchMarkaz.pk’s customer database, which is an integral part of their online platform. The stolen information included essential customer details necessary for transactions, such as product-related data, personal contact information, and addresses.
A Screenshot of the data can be found below:
Company Data Breach History
To the best of our knowledge, no known history of security breaches has been previously reported for WatchMarkaz.pk. Nevertheless, this breach serves as a stark reminder of the ongoing threats faced by businesses, highlighting the vital importance of proactive security measures to safeguard sensitive customer data.
WatchMarkaz.pk is committed to prioritizing the security and privacy of their customers, implementing rigorous data protection protocols and continuously enhancing their cybersecurity infrastructure. They are working closely with industry experts to investigate the breach fully, identify any vulnerabilities, and implement additional security measures to prevent future incidents.
Recommendations for Personal Data Protection
How Users Can Protect Their Information
To protect their personal information and accounts from being compromised, users should take the following steps:
– Change their passwords frequently, with a combination of letters, numbers, and symbols.
– Enable two-factor authentication whenever possible.
– Use unique passwords for each account, to prevent hackers from accessing multiple accounts with the same password.
– Be cautious of suspicious emails or messages, as they may contain phishing links that can compromise their accounts.
– Regularly monitor their accounts for any suspicious activity.
What is InsecureWeb?
InsecureWeb is a Dark Web monitoring service that keeps track of recent data breaches and tracks their impact by monitoring the darkest places of the internet. InsecureWeb notifies users and enterprises when their data has been found online and helps them mitigate the impact.