A threat actor has allegedly claimed responsibility for selling a massive dataset reportedly containing personal and transactional information from Eprice.it, an Italian e-commerce platform.
The claim, which surfaced on a dark web forum, alleges that data from over 6.7 million unique individuals has been extracted. According to the forum post, the dataset purportedly includes names, surnames, ordered items, order numbers, addresses, phone numbers, and even items left in shopping carts.
The individual behind the post has allegedly put the dataset up for sale, stating that they are willing to sell it to a single buyer, depending on the offer. Contact details, including a session key and private messaging options, were provided for negotiations. The threat actor also indicated that escrow services are available for the transaction.
Cybercriminals often target online retailers due to the vast amounts of customer information they handle.
