Jump to content
Login new information ×
Login new information
Donations campaign phase one 2024

5.6 Million Records that Appear to Belong to ‘Reverb’ Users Leaked Online

mood

By mood
in Security & Privacy News

Recommended Posts

mood

mood

Posted
Posted

5.6 Million Records that Appear to Belong to ‘Reverb’ Users Leaked Online
 

  • A researcher has discovered a large set of data consisting of ‘Reverb’ user details.
  • A contractor may have managed the cluster, or it could have been stolen from elsewhere.
  • The data that was exposed is very sensitive, including names, emails, IPs, PayPal details, and phone numbers.

 

reverb-music-instrument-696x392.jpg

 

Researcher Bob Diachenko has published a staggering finding on Twitter involving an unprotected ElasticSearch cluster that held 5.6 million data records. The entries are generic but match some elements found on Reverb shops, so the data appears to have been derived from the popular music instruments online marketplace. As for what data was leaked, this includes the full names, email addresses, postal addresses, phone numbers, listing/order count, PayPal account email, IP address, and more.

 

JUST COMPLETED ANALYSIS OF THE SAMPLES: SEEMS LIKE IT WAS DATA OF 5.6M @REVERB USERS EXPOSED VIA UNPROTECTED ES CLUSTER, INCL: FULL NAME, EMAIL, POSTAL ADDRESS, PHONE, LISTING/ORDER COUNT, PAYPAL EMAIL.. IP IS DOWN NOW. NOT SURE IF CLUSTER WAS MANAGED BY REVERB OR SOMEONE ELSE. PIC.TWITTER.COM/W7V2YKN0OR

— Bob Diachenko (@MayhemDayOne) April 23, 2021

 

In a private chat with Diachenko, the researcher told us that he first discovered the database on April 5, 2021, which is when specialized search engines indexed it. Since then, the database was taken offline, so it is no longer accessible, but in the meantime, the researcher hasn’t been able to figure out if the cluster was managed by Reverb or someone else. This could have been a snatch from elsewhere, but until Reverb gets back to us with a comment on this, we have no way to tell.

 

The consequences of this breach are dire, and as Diachenko privately shared with us, there are some big-name shops included in the exposed set. The fact that there’s a PayPal account email accompanied by phone numbers, for example, opens up the way for SIM-swap-based 2FA bypassing. Also, phishing, scamming, and general trickery are obviously greatly empowered by this set.

 

For this reason, Reverb should have already sent notifications of a breach to its users, but as far as we can tell, something like that hasn’t happened. The researcher told us that Troy Hunt will get a list of all the exposed emails soon, so expect haveibeenpwned.com to add the relevant list, helping the compromised users found out if their details are included in the set or not.

 

Our advice to all Reverb users would be to reset your password on the platform as well as anywhere else you may be using the same credentials. Next, send a message to Reverb’s support and ask for clarifications on how this incident impacts you. For now, there is no confirmed breach on the Reverb platform, but you’d better be safe than sorry.

 

 

Source: 5.6 Million Records that Appear to Belong to ‘Reverb’ Users Leaked Online

Link to comment
Share on other sites
  • Views 348
  • Created
  • Last Reply

Archived

This topic is now archived and is closed to further replies.

Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...