- Researchers have discovered more than 1.6 million files online
- These seem to belong to ETSY, Poshmark and Tiktok Shop customers
- Personal identification information is included
CyberNews researchers have discovered two Azure Azure storage storage containers apparently not guaranteed that contain 1.6 million combined files, allegedly belonging to online purchasing platforms Etsy, Poshmark and Tiktok Shop.
The researchers say that these files contained personal identification information, such as full names, housing addresses, email addresses and shipping order details.
Any person who uses these services must closely monitor their accounts and take a look at the best identity robbery monitoring tools if they are worried.
Customers at risk
Both exposed instances “contained shipping email confirmations in HTML format,” confirmed the researchers, and the vast majority of exposed users are in the United States, some of Canada and Australia.
The exact origin or the property of the data sets is not yet known, but the nature of the information suggests that these belonged to a particular store (on multiple purchasing platforms), in particular an embroidery service based on Vietnamese.
Nor is it known if cybercriminals have accessed these data sets, but only an internal forensic audit would reveal this information.
The researchers described the risk that this provides to those exposed, such as convincing the social engineering attacks of cybercriminals who pass through the ETSY or Tiktok store, urging customers to give their details, which results in a possible financial loss.
“With access to personal information such as complete names and addresses, attackers could impersonate confidence shipping or ETSY, causing fraudulent communications to seem more credible and urge victims to take measures such as confirming personal details, making payments or clicking malicious links,” said the researchers.
Unfortunately, data leaks are too common for Internet users today.
We recommend regularly verifying whether your data has been exposed, using services such as Have I Bened, and monitor your accounts, statements and transactions, and immediately inform any suspicious or unexpected activity with your bank or credit card provider.
