Halara probes breach after hacker leaks data for 950,000 people


Popular athleisure clothing brand Halara is investigating a data breach after the alleged data of almost 950,000 customers was leaked on a hacking forum.

The Hong Kong company was founded in 2020 and quickly became very popular through the many videos promoting its clothing on TikTok.

Halara told BleepingComputer that it is aware that customer data was allegedly stolen and leaked online and is investigating a potential breach.

This comes after a person named ‘Sanggiero’ claimed to have breached Halara earlier this month and shared a text file containing stolen customer data on a hacking forum and a Telegram channel.

“In January 2024, over 1M rows of data from the store company Halara was posted to a popular hacking forum. The data contained 1M unique addressId, first name, last name, phone numbers, country, home address, zip, province, city, iso,” reads a post from Sanggiero.

Forum post about alleged Halara data breach
Forum post about alleged Halara data breach
Source: BleepingComputer

It should be noted that the forum post uses an incorrect logo for Halara and instead uses one for a cannabis company that was not breached.

BleepingComputer has reviewed the leaked data, and while Sanggiero says it contains 1 million lines of data, the text file only contains 941,910 records.

While BleepingComputer has not been able to confirm if all of the data is accurate, we contacted multiple people listed in the file and have confirmed that they are all Halara customers and that their listed phone numbers, names, and addresses are accurate.

In a conversation with BleepingComputer, Sanggiero says that they obtained the data by exploiting a bug in an API on Halara’s website, which they say is still unfixed.

Sanggiero said they did not contact Halara about the stolen data and decided to release it for free as it would not have a lot of value if trying to sell it.

Halara customers should be on the lookout for targeted smishing attacks (SMS phishing) that attempt to steal other information, such as email addresses and passwords.

This information can be used for further attacks or sold to other threat actors who use it for fraud or other malicious behavior.

BleepingComputer is aware of numerous threat actors selling stolen accounts for online retailers, such as Saks 5th Avenue, Express, and Ulta Beauty, which are used to make fraudulent purchases.



Source link