Hackers breached a website that allows people to buy and sell guns, exposing the identities of its users, TechCrunch has learned.
The breach exposed reams of sensitive personal data for more than 550,000 users, including customers’ full names, home addresses, email addresses, plaintext passwords and telephone numbers. Also, the stolen data allegedly makes it possible to link a particular person with the sale or purchase of a specific weapon.
“With this data, you can then take a public listing…and resolve it back to the [data in the stolen database] so you have the name, email and physical address and phone number of [the seller] and presumably, the location of the gun,” Troy Hunt, a cybersecurity expert who runs the popular data breach repository and alerting service Have I BeenPwned, told TechCrunch. (The researcher who found the breach shared the data with Hunt so he can upload it to Have I BeenPwned.)
techcrunch.com
The breach exposed reams of sensitive personal data for more than 550,000 users, including customers’ full names, home addresses, email addresses, plaintext passwords and telephone numbers. Also, the stolen data allegedly makes it possible to link a particular person with the sale or purchase of a specific weapon.
“With this data, you can then take a public listing…and resolve it back to the [data in the stolen database] so you have the name, email and physical address and phone number of [the seller] and presumably, the location of the gun,” Troy Hunt, a cybersecurity expert who runs the popular data breach repository and alerting service Have I BeenPwned, told TechCrunch. (The researcher who found the breach shared the data with Hunt so he can upload it to Have I BeenPwned.)
Hackers steal gun owners' data from firearm auction website | TechCrunch
Data was taken from the website GunAuction.com, a site that since 1998 allows people to put guns for auction online.
techcrunch.com