A threat actor has allegedly leaked the data of 1 million customers of Stihl Shop New Zealand, a popular retailer of chainsaws, lawnmowers, and other outdoor power equipment. The company, a well-known brand with stores across the country, is a major supplier for both professional and domestic users, making this a significant breach affecting a large portion of its customer base. The data was advertised for sale on a dark web forum.
According to the post, the data for sale was obtained from a MySQL database dump from the official Stihl Shop New Zealand website, stihlshop[.]co[.]nz. The threat actor claims the database contains information for over 1 million users and is being sold for $1200. The compromised information allegedly includes a wide range of sensitive customer details.
The leaked data allegedly includes:
- Full name
- Full address
- Phone number
- Email address
- Fax number
- Balance information
