Hackread reports that widely used e-commerce platform WooCommerce had more than 4.4 million user records including those from the National Institute of Standards and Technology, the New York City Department of Education, NVIDIA, and the University of Oklahoma purportedly stolen by the threat actor "Satanic" through a third-party breach.
Aside from having over 4 million individual records, the database which is being peddled on Telegram and direct messages also includes 1.3 million unique email addresses and nearly a million phone numbers, as well as corporate website metadata, according to Satanic. Further analysis of the sample data provided by the hacker showed the presence of estimated revenue, utilized marketing platforms, and other details found in marketing databases across all records, while numerous others referenced WordPress CMS, as well as Salesforce, PayPal, Stripe, and Pardot integrations. WooCommerce has yet to respond to the assertions of Satanic, which touted the third-party breach of Magento just hours before.
Aside from having over 4 million individual records, the database which is being peddled on Telegram and direct messages also includes 1.3 million unique email addresses and nearly a million phone numbers, as well as corporate website metadata, according to Satanic. Further analysis of the sample data provided by the hacker showed the presence of estimated revenue, utilized marketing platforms, and other details found in marketing databases across all records, while numerous others referenced WordPress CMS, as well as Salesforce, PayPal, Stripe, and Pardot integrations. WooCommerce has yet to respond to the assertions of Satanic, which touted the third-party breach of Magento just hours before.
