Risk Based Security notes:
On March 2nd, 2020, a notorious threat actor posted a leaked Vijay Sales database on a popular dark web hacker forum. Vijay Sales is a large electronics retail store chain in India, with nearly two hundred thousand users affected in the leak. The threat actor claimed the source was from an “exposed backup server” breached in February 2020.
The user records included names, email addresses, passwords, phone numbers, and device information. In addition, a total of 90 files were found that also included thousands of customer service records, detailed store and personnel information, business operations information, and numerous administrative accounts that contained usernames, email addresses, passwords, verification codes, and roles.
GEOCLOUD
In the same week, a different threat actor posted another database, this time from technology company GeoCloud, leaked through a public Amazon server. The data contained users’ names, email addresses, and passwords as well as the company’s social media keys and company information.
Read more on RBS.