According to the security company Risk Based Security, the social media marketing company Preen.Me accepted one hacking attack which allowed the attacker to acquire access in personal data about 100.000 influencers and 250.000 social media users. Then the assailant exposed the stolen data to hacking Forums. This means that any cybercriminal can access them and use them to carry out attacks and fraud.
Data breaches and leaks were discovered by the Risk Based Security research team on June 6, when one hacker revealed that he had violated Preen.Me systems. and presented the data to 100.000 influencers in a well-known forum. THE hacker uploaded the same day, via pastebin, part of the data and two days later on June 8, he said he would report the rest, although this has not yet happened.
The stolen information includes social media links of influencers, addresses e-mail, names, phone numbers and home addresses. Influencers affected by the leak data, dealing with cosmetics and life-style issues.
Roy Bass, senior dark web analyst at Risk Based Security, commented: “The passwords have not been leaked, but criminals can search for breached passwords from other exposed bases data and link them to the accounts of influencers and their users, via emails, other personal information or brute force technicians ”.
Then, on June 14, the same cybercrimeist leaked details of another 250.000 social media users, using the application of Preen.Me, ByteSizedBeauty. The exposed ones archives include social media links, as well as personal information such as home address and email, date of birth, eye color and skin tone.
Bass added: "As for the other social media users"They are vulnerable to the threats mentioned earlier and especially to spear-phishing attacks and identity theft due to the leak of more personal information."