A threat actor claims to have breached RevolutionParts, an e-commerce platform designed to assist automotive dealerships, manufacturers, and parts sellers in growing their online sales. The actor has listed a database allegedly belonging to the company for sale on a cybercrime forum.
According to the post, the breach impacts a significant number of individuals. The actor asserts that the compromised database contains the personal information of 5,147,231 unique customers. The data is being offered for a “One Time Sale” payable in cryptocurrency (BTC, ETH, or XMR), suggesting the actor intends to sell the exclusive rights to the data to a single buyer.
The Data: According to the actor, the compromised database contains extensive Personally Identifiable Information (PII). The allegedly compromised data includes:
-
Full names
-
Email addresses
-
Phone numbers
-
Physical addresses (Street, City, State, Zip Code)
-
IP addresses
-
User agent details
-
Device information (Device OS, Model, Brand)












