Ransomware gangs' security breached.
15 May 2022BREACHAWARE HQ
A total of 11 breach events
were found and analysed resulting in 53,569,722 exposed accounts
containing a total of 19 different data types of personal datum
. The breaches found publicly and freely available included Acxiom, BizAway, Path 2 USA, Ebay and Channel Navigator. Sign in to view the full
library of breach events which includes, where available, reference articles relating to
each breach.
Categories of Personal Data Discovered
Contact Data, Financial Data, Usage Data, Socia-Demographic Data, Social Relationships Data, Locational Data, Technical Data, Behavioural Data.
Data Breach Analysis
Among the most significant inclusions is Acxiom, a prominent data marketing and consumer analytics firm. Companies like Acxiom hold vast repositories of personal and behavioural data, often aggregated from multiple sources to build detailed consumer profiles used in targeted advertising. A breach here can have broad implications, as it potentially exposes users not just directly affiliated with Acxiom but also individuals whose data was indirectly collected or licensed from third parties. The potential fallout includes profiling misuse, unwanted solicitation, and identity-based manipulation.BizAway, a corporate travel management platform, represents the growing risk faced by B2B service providers. Handling itineraries, billing information, corporate email addresses, and employee profiles, platforms like BizAway are integral to enterprise operations. If breached, such services may not only affect individual employees but also compromise sensitive operational details of entire organisations, including travel patterns, client meeting data, and reimbursement records.
The inclusion of eBay, a household name in global online commerce, raises critical concerns around consumer trust. With millions of active users worldwide, eBay manages personal addresses, payment data, communication logs, and historical transaction records. A data breach involving such a widely used platform increases the likelihood of downstream fraud, particularly through phishing or impersonation attacks leveraging known user behaviour or account history.
Path2USA, a platform serving individuals navigating U.S. immigration, offers another dimension to the breach landscape. Sites like these typically cater to individuals engaging with highly sensitive life transitions, visa processing, travel documentation, legal consultations, and medical insurance arrangements. Exposure of this data poses heightened risks, particularly to non-residents or recent immigrants who may already be vulnerable to scams or misinformation campaigns.
Channel Navigator, while less well-known, is part of a larger ecosystem of e-commerce tools that assist sellers in managing inventory, pricing, and marketplace integration. Breaches in such services may not only compromise user data but also operational information like sales volumes, pricing strategies, or platform credentials, especially problematic for small businesses operating in competitive online marketplaces.
The scale, over 53 million records, combined with the prominence of the organisations involved underscores the severity of these exposures. When data marketing firms, global retailers, and immigration-related platforms appear in the same breach cohort, it illustrates the overlapping digital footprints most users now inhabit. This means that even partial records, when aggregated across different services, can be weaponised in ways that are difficult for users to anticipate or control.
For end-users, the fallout from these kinds of breaches can range from increased spam and phishing attempts to financial fraud or reputational harm. For companies, especially those dealing in trust-based services like data brokerage or migration assistance, breaches can trigger regulatory scrutiny, class action lawsuits, and long-term brand erosion.
Moreover, the transnational nature of the impacted entities introduces jurisdictional complexity. Different breach notification laws, consumer protections, and regulatory standards can affect how, and whether, users are informed, compensated, or protected after their data is exposed.
This set of events continues a troubling pattern: organisations across every sector and size remain vulnerable, and the consequences for users can be vast even when those users did not directly engage with the breached platform. As always, the key mitigations remain consistent: for individuals, practices like enabling multi-factor authentication, monitoring for suspicious activity, and limiting the spread of personal data across platforms are essential. For organisations, greater emphasis on proactive data minimisation, security testing, and third-party risk management is needed.
In sum, this batch of breaches highlights both the volume and variety of modern cyber exposure. As the digital economy grows more interconnected, data security becomes not just a technical concern but a fundamental social and economic one, one in which both users and institutions have a stake, and increasingly, a shared vulnerability.
Spotlight
A breach that caught our eye was a South African travel website. We're not sure how long the breach has been flying around. The passwords had already been de-hashed, resulting in a file with the email addresses and plain text passwords being dumped on an underground forum and quickly beginning to circulate. The breach consisted of 133,000 compromised credentials however this is a good example of how people use their work email address to book travel and holiday, as the number of companies caught up with this small breach was disproportionately high.Other news, a ransomware gang had their own security breached when login details and an onion address for their affiliate site were posted on an underground forum. We’re not sure who was the original user, but after reading the thread, someone's in trouble. The login details gave access to the affiliate section of the site.
A proxy provider has experienced a large data breach, and section of their user-base has been exposed online with a sizeable amount of datasets. The website states they provide seven million different proxy's. Spooning through the data we’ve seen lot of emails with a list of IP address’s attached. This could be a gold mine for anyone conducting any OSINT work.
Another interesting set of data compromised came from an eBay store. Not a large number of compromised accounts but different data types compared to the last reported breach incident from 2014 where some 145 million user records were compromised.
And our week would not be complete without a bitcoin company's data being compromised. This time it was company called BitHoven with exposed email addresses and passwords. Other companies last week impacted were business intelligence, marketing (massive), education, IT, media and gaming companies/forums.