In a dark web forum post, a threat actor has claimed to have compromised data belonging to BotSpace, a company specializing in WhatsApp business solutions. The alleged breach, which reportedly occurred in 2024, has raised concerns about the security of user data for major companies that rely on BotSpace’s services, including BMW, JW Marriott, and MINI.
The threat actor advertised a one-time sale of data purportedly stolen from BotSpace’s databases. According to the post, the data includes sensitive details such as customer names, phone numbers, labels, assignments, and creation dates, all of which are critical for businesses relying on automated customer engagement and support tools via WhatsApp.
The post also includes a sample of the data, boasting 487,000 rows of user information. The threat actor is seeking payment in Monero (XMR), a cryptocurrency favored for its privacy features, and has invited potential buyers to contact them directly on the forum for offers.