A threat actor has allegedly leaked a significant amount of internal user data from the Pincong website and put it up for sale on a dark web forum. Pincong is a popular Chinese-language online community based in Hong Kong, known for hosting discussions on political topics that are often critical of the Chinese government. Due to the politically sensitive nature of the content, users rely heavily on the platform’s anonymity to protect their identities, making this alleged breach particularly severe.
The data is being offered for a price of $3,000. The seller claims to possess “many many lots of files” containing internal user information from the site. To prove their claim, the threat actor shared a sample showing a list of user credentials. The potential exposure of user identities could pose a significant risk to individuals who have participated in discussions on the platform, potentially subjecting them to state scrutiny or retaliation.
Based on the evidence provided by the threat actor, the compromised information allegedly includes sensitive user credentials. The specific data types exposed in the breach appear to be:
- Usernames
- Email Addresses
- Passwords
