- A popular scooter-sharing company confirmed that millions of users’ information are stolen and it is being sold online.
- The database includes 7.2 million customers’ names, email addresses, and phone numbers, partial payment card details for 1.9 million of those users, along with 3 million promo codes.
- Whoosh claims that the threat actors won’t be able to access users’ accounts and the full payment data is safe.
Russia’s popular urban mobility service platform confirmed that 7.2 million users’ personal information has been breached. The stolen data is being sold online. The hackers are currently selling the database that contains the details of 7.2 million customers on a hacker forum. According to Russian news sources, the company admits the incident and stated that they have informed users.
Partial payment card details
Whoosh, which has 75,000 scooters in 40 cities, is working with law enforcement to stop hackers from selling user information online. According to the post, the database includes 7.2 million customers’ names, email addresses, and phone numbers. The database also includes partial payment card details for 1.9 million of those users, along with 3 million promo codes, allowing users to rent a scooter for free.
The seller is asking for $4,200 or .21490980 bitcoins from five buyers only. Currently, no one didn’t buy the database yet, according to the SatoshiDisk platform. The database is also being sold on Telegram. The hacker on Telegram claims that the data was stolen with an attack that was launched in November of 2022. On the other hand, Whoosh claims that the incident doesn’t affect account access, transaction information, or travel details and threat actors are not able to gain access to full payment data.