RenewBuy Hacked!
A dark web forum member under the alias ‘Sanggiero’ has claimed to hack RenewBuy.com, a prominent online distribution platform owned by D2C Insurance Broking Private Limited based in India and offered to sell records of nearly one million users compromised in the alleged RenewBuy data breach.
In a post shared on the dark web forum, the threat actor offered the compromised data for $450, along with the access to the user account on the company’s Amazon S3 instance for $15.
The Cyber Express has reached out to the company to validate the RenewBuy data breach claims. However, at the time of writing, the company had not responded to the query or confirmed whether RenewBuy was hacked.
RenewBuy hacked! User Information at high risk!
Sanggiero has advertised the stolen data from RenewBuy.com for $450, providing potential buyers access to an extensive amount of personal information belonging to the platform’s users.
The compromised data encompasses names, email addresses, dates of birth, genders, mobile numbers, Aadhaar numbers (UID), permanent account numbers (PAN), scanned photographs, addresses, bank account information, and copies of various personal documents associated with users and insurance agents linked to D2C Insurance Broking.
The RenewBuy data breach becomes even more alarming due to the accessibility of the URLs hosting scanned documents without proper authorization.
These URLs were stored on Amazon S3, creating a vulnerability allowing unauthorized individuals to view and exploit sensitive documents.
Discussing the RenewBuy data breach, a security researcher at the Cyble Research and Intelligence Labs said: “While it appears that the targeted Amazon infrastructure may have been managed and operated by RenewBuy, the origin of the subject data breach could not be established at the moment.”
The researcher noted that the soft handling or mishandling of sensitive and personal data by e-commerce platforms and especially businesses in BFSI industry has been a persistent concern in the Indian cyber security space.
“A mature business must consider that cybercriminals are consistent in exploring and exploiting sensitive data for financial gains and should not overlook the importance of a thorough security audits and authentication controls to prevent such crimes from happening,” the CRIL researcher told The Cyber Express.
RenewBuy data breach mitigation strategies
D2C Insurance Broking Pvt Ltd and RenewBuy.com, both directly affected by the RenewBuy cyber attack, now face the challenging task of mitigating the fallout.
With nearly one million user records at risk, impacted individuals may encounter negative consequences such as identity theft, financial fraud, and targeted phishing attempts.
Addressing the RenewBuy data breach promptly and effectively is crucial for the organization. Immediate steps must be taken to secure their systems, conduct a thorough investigation, and notify all affected users. Open communication and transparent updates are essential to regain trust among the user base.
Users registered on RenewBuy.com should take precautionary measures to safeguard their personal information. Changing passwords immediately, particularly if the same password is used for other online accounts, is crucial.
Moreover, implementing two-factor authentication, when available, adds an extra layer of security.
Users should also remain vigilant against suspicious emails or messages that may be potential phishing attempts, as cybercriminals may exploit the breached data for targeted attacks.