A threat actor has recently claimed to have breached the database of EnglishCentral.com, an online language learning platform. The announcement was made on a dark web forum, where the threat actor offered the allegedly stolen data for sale.
The post asserts that the breach affects nearly 3.9 million users, with customer information spanning from 2021 to 2024. The dataset reportedly includes a range of sensitive details, such as names, account IDs, email addresses, registration dates, lesson status, and even phone numbers and Skype IDs. Additional information in the database allegedly comprises payment dates, product IDs, lead scores, and country details.
In the post, the threat actor provided a sample of the stolen data and stated that the sale will be conducted exclusively in Monero (XMR).
The threat actor also issued a message directed at EnglishCentral’s staff, offering to delete the data permanently if contacted.
