A threat actor has emerged, claiming to possess a database from an e-commerce company, exposing the personal information of thousands of users along with transaction details. The alleged database, compromised in 2022, encompasses 106,711 unique emails and extensive transaction records dating back to around 2010. It comprises various tables, including comments, emails, files, invoice items, items, messages, meta, options, paypals, posts, promo codes, sessions, transactions, users, visits, and vouchers. The sample data shared by the threat actor includes PayPal and other transaction details, as well as customer information such as email addresses, usernames, password hashes, street names, cities, countries, and social media accounts.