Data leak from yacht mooring company exposes celebrity and politician data.
04 July 2022BREACHAWARE HQ
A total of 6 breach events
were found and analysed resulting in 1,033,545 exposed accounts
containing a total of 13 different data types of personal datum
. The breaches found publicly and freely available included Disk Union, Unmined, Cyphoma, Bitmain and Xcoins. Sign in to view the full
library of breach events which includes, where available, reference articles relating to
each breach.
Categories of Personal Data Discovered
Contact Data, Technical Data, Usage Data, Socia-Demographic Data.
Data Breach Analysis
Among the breached entities was Bitmain, a major player in the global cryptocurrency mining hardware industry. The appearance of Bitmain in this data breach cohort underscores a worrying trend: infrastructure-critical tech providers are increasingly being targeted, potentially endangering not only user data but also broader operational ecosystems within the crypto space.Also affected was Xcoins, a cryptocurrency exchange platform. Platforms like Xcoins are often the target of malicious actors seeking to exploit access credentials, account balances, and identity documents. Even in breaches that don’t expose direct financial data, the combination of email addresses, IP logs, and platform activity can give attackers enough leverage for future fraud attempts or phishing campaigns.
The breach set also included Disk Union, a Japanese retail chain specialising in physical media like CDs and vinyl records. Though more niche and localised, such retailers often host loyal customer bases with recurring payment information, and breaches may result in risks to purchase history and marketing preferences.
Unmined, a digital tool used in blockchain analysis, and Cyphoma, a classifieds site focused on the French Caribbean, round out the list. While these platforms serve relatively narrow audiences, their inclusion reveals that even small or regional services are not beyond the reach of attackers. In particular, platforms like Cyphoma may contain a blend of personal identifiers and geolocation data, which can be misused in social engineering attacks.
With over 1 million records compromised, this cluster of breaches, while modest in number, highlights an important takeaway: data security is not just a concern for large platforms. Small and mid-tier services, particularly those holding financial, transactional, or location-based information, must invest in proactive protection and transparent incident response practices.
The continued availability of this data in public spaces also reinforces the need for cross-sector vigilance. Regardless of user volume, when breached data remains in circulation, the potential for downstream harm, from impersonation to unauthorised access, remains significant.
Spotlight
A fraud protection site that offers a service that "Guaranteed fraud protection for e-commerce merchants" has had a data breach with a variety of credentials been dumped onto a hacking forum. The user, and possibly the hacker who dumped the file, commented on the terrible security of the server. Obviously, no one is safe, but maybe next time if you’re going to flog fraud protection, make sure your own security is up to date. Datasets include the payment method of the users along with their physical address and full names.This next data breach is an interesting one. An artificial intelligence site based in the US was breached back in 2017. The company has a variety of offices around the world and has landed some large grants from big names in the industry. However, a member of the team picked up several files of their user-base which were doing the rounds on the unsavoury parts of the internet. A range of data types were present in the files. The most notable are tax information and email addresses. Not so intelligent after all?
The last data breach we’re going to talk about is from a French sailing and boating website. It's a small data leak, but experience tells us that the more important and slightly better off people use sites like this. Several years ago, there was a data leak from a yacht mooring company that ended up having some important celebrities and politicians within the data. It's leaks like this that could be great for OSINT work. The files contained email addresses, hashed SHA1 passwords, and IP addresses, in addition to the users' names and mobile phone numbers.