A threat actor has allegedly leaked the database of WaitWhatWeb, a web development company based in Bandung, Indonesia. The company, which specializes in creating digital solutions for branded clients, was targeted in a recent cyberattack, with the data subsequently published on a dark web forum for download. The full dataset is said to be 4.5GB and allegedly contains records for 17,468 users.
The compromised data appears to stem from a user database and includes a variety of sensitive personal information. The threat actor also listed several domains, purportedly belonging to clients of WaitWhatWeb, suggesting their information may also be impacted by this breach. The leaked information allegedly includes:
- User login credentials
- Hashed passwords
- Usernames and display names
- Email addresses
- User URLs
- Registration dates and activation keys
