A threat actor has recently claimed to have leaked sensitive data from Ghayar, a UAE-based e-commerce platform specializing in spare parts. According to the allegations, the Ghayar data breach occurred in July 2024 and compromised the personal information of approximately 7,100 users.
The potentially exposed data reportedly includes customer IDs, names, email addresses, country codes, mobile numbers, passwords, and customer statuses.
Extent of the Alleged Ghayar Data Breach
The threat actor’s claim details the extent of the compromised data, highlighting significant risks for the affected users. The exposed information includes:
- Customer IDs: Unique identifiers for users on the Ghayar platform.
- Names: Full names of the customers.
- Email Addresses: Personal email addresses used for account registration.
- Country Codes: Codes indicating the customers’ countries of residence.
- Mobile Numbers: Contact numbers associated with the user accounts.
- Passwords: Encrypted or possibly plaintext passwords.
- Customer Statuses: Information regarding the customers’ activity and status on the platform.
Despite these extensive details, the threat actor has not disclosed any specific motive behind the Ghayar cyberattack. This lack of clarity raises questions about whether the breach was driven by financial gain, a desire to damage Ghayar’s reputation or another unknown reason.
Ghayar e-Dealing, a limited liability company (L.L.C) registered in the Emirate of Dubai, UAE, owns and operates the website and the Ghayar App. The company specializes in providing spare parts for all types of vehicles, offering quick and safe delivery services. Ghayar is committed to global policies that guarantee the quality of spare parts and provide flexible return options to ensure total customer satisfaction.
As of the time of writing, the Ghayar official website remains fully functional, with no visible signs of disruption or foul play. To verify the claim of the data breach, The Cyber Express Team reached out to Ghayar officials for comment. However, no response has been received, leaving the claim unverified at this moment. The Cyber Express will update the story as soon as more information becomes available.
Previous Incidents in the Sector
This alleged data breach at Ghayar follows another significant incident involving Advance Auto Parts, Inc., a major provider of automobile aftermarket components. In this case, a threat actor using the handle “Sp1d3r” claimed responsibility for stealing three terabytes of data from the company’s Snowflake cloud storage. The stolen information was allegedly being sold for $1.5 million.
Advance Auto Parts reported the data breach to the US Securities and Exchange Commission (SEC) in June 2024. In their SEC filing, the company detailed the unauthorized access and subsequent investigation:
“On May 23, 2024, Advance Auto Parts, Inc. identified unauthorized activity within a third-party cloud database environment containing Company data and launched an investigation with industry-leading experts. On June 4, 2024, a criminal threat actor offered what it alleged to be Company data for sale. The Company has notified law enforcement.”
The Advance Auto Parts incident underscores the vulnerability of cloud storage solutions and the critical need for robust cybersecurity measures.
Implications and Recommendations
For the customers potentially affected by the alleged Ghayar data breach, several precautionary measures are recommended to protect their information:
- Change Passwords: Users should change their passwords for Ghayar and any other accounts where they might have used the same password.
- Enable Two-Factor Authentication (2FA): Adding an extra layer of security to their accounts.
- Monitor Accounts: Keeping a close watch on financial accounts and email for any suspicious activity.
- Be Wary of Phishing Attempts: Users should be cautious of any unusual emails or messages, especially those asking for personal information.
- Update Security Software: Ensuring all devices have the latest security software installed to protect against potential threats.
The lack of response from Ghayar’s officials leaves the situation unresolved, but the potential implications for affected customers are serious.
The Cyber Express will continue to monitor the situation and provide updates as more information becomes available.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.