In a recent cyber incident, a threat actor has claimed to have obtained a substantial database from Dkhoonemirates, a prominent online retailer. The data, purportedly consisting of 1,187,492 rows, is said to include extensive customer information and transaction details. This alleged breach has been made public with a demand for $4800 USD in cryptocurrency (XMR or BTC) for a one-time sale. The seller has threatened to publish the data if no buyer comes forward.
The data, which is claimed to be updated as of June 2, 2024, is reportedly stored in a file named “Dkhoonemirates.csv,” with a size of 514MB. According to the seller, the dataset includes a comprehensive range of customer and order details, such as:
- Customer Information: Names, emails, mobile numbers, and addresses.
- Order Details: Order status, payment methods, shipping methods, and tracking IDs.
- Financial Information: Payment statuses, subtotal amounts, VAT, shipping costs, cash on delivery amounts, discounts, and total amounts.
- Additional Data: Google Maps locations, coupon codes, product names, SKUs, quantities, order product costs, unit prices, transaction references, and timestamps.
If verified, this breach could have severe repercussions for Dkhoonemirates and its customers. The exposed data could potentially be used for identity theft, fraud, and other malicious activities.