According to a threat actor on a dark web forum, a South Korea based fitness platform ENfit was allegedly breached.
The breach purportedly resulted in the leak of sensitive information belonging to over 4 million customers and trainers. The full data dump, reportedly sized at 18 GB, contains extensive personal details, including IDs, names, email addresses, city IDs, passwords (both hashed and plain text), coupons, dates, phone numbers, device modes, email statuses, remember tokens, gender, age, and timestamps for account creation and more.
The threat actor is requesting $3,500 for the alleged breach and sample data is included in the forum post.
