April 2, 2024 at 12:42PM
Ecommerce platform Pandabuy faces a data breach as cybercriminals hawk personal information from 1.3 million customers, including user IDs, names, phone numbers, and more. Despite admitting the breach and offering a 10% discount to sellers, backlash ensues due to alleged attempts to silence discussions and deflect from the incident. Customers are urged to remain vigilant.
From the meeting notes provided, it appears that Pandabuy, an ecommerce platform based in China, has experienced a significant data breach. The breach compromised the personal data of 1.3 million customers and included sensitive information such as user IDs, full names, phone numbers, email addresses, IP addresses, home addresses, and order data.
Security expert Troy Hunt confirmed the authenticity of the breach and validated that some of the leaked email addresses were genuine and stored by Pandabuy. Pandabuy acknowledged the breach and attributed it to cybercriminals bypassing its security controls. The company stated that financial information was not compromised but labeled the incident as a “data breach” carried out by a “hacker organization.”
In response to the breach, Pandabuy offered affected users a 10% discount on shipping costs for one month and issued repeated apologies, but this gesture was met with negative sentiment from the community. There were claims that Pandabuy attempted to silence discussions related to the breach on its Discord and Reddit channels, which further aggravated the situation.
Overall, the meeting notes highlight the severity of the data breach, the company’s acknowledgement and response, and the negative reaction from customers and online communities.