A threat actor has allegedly leaked the full customer database of Shopline, a major Asia-based e-commerce platform provider. The company, which offers tools for businesses to create and manage their online stores, was targeted in a recent data breach that has resulted in the exposure of sensitive information belonging to nearly 31,000 customers. The data was posted on a dark web forum, where the perpetrator put the database up for download. Shopline is a significant player in the e-commerce industry, particularly in markets across Asia, providing services ranging from online shop setup to payment and transaction processing.
The compromised database allegedly contains a wide array of Personally Identifiable Information (PII) that could be exploited by malicious actors for phishing, fraud, and identity theft. The threat actor listed numerous data fields that were included in the leak. An investigation into the claims is likely underway. The exposed data allegedly includes:
- Full Name
- Email Address
- Contact Number and Recipient Phone Number
- Password Set (format unspecified)
- Physical Address (Address 1, Address 2, City, Country/Region, Postal Code)
- Gender and Birthday
- Order and Transaction Details (Number of Orders, Cumulative Amount)
- Last Login Time
- UTM Source and Campaign Details
