According to the post, the database contains sensitive information from approximately 2,796,835 users. This figure has been corroborated by HaveIBeenPwned, a well-known data breach verification service. The compromised data includes full names, email addresses, physical addresses, and PBKDF2 hashed passwords, a hashing algorithm used to protect passwords. According to the threat actor, the breach occured in July 2024.
The threat actor described the file as a .bacpac format, which is too large for them to manage effectively, leading to difficulties in accessing or providing a sample of the data. The seller has indicated that interested parties can purchase the full database through private messages on the forum.