Personal data of an estimated 100,000 social media influencers has been accessed and partially leaked following a breach at social media marketing firm Preen.Me, Risk Based Security has discovered. The same breach has also led to more than 250,000 social media users having their information fully exposed on a deep web hacking forum, leaving these individuals at risk of being targeted by scams.
The leak was discovered by Risk Based Security’s data breach research team on June 6 when a known threat actor revealed they had compromised Preen.Me’s systems and were holding the personal information of over 100,000 affiliated influencers under ransom on a popular deep web hacking forum. The actor shared 250 records via PasteBin on the same day, and two days later on June 8, stated their intention to release the other 100,000 records, although this has not yet occurred.
The information includes influencers’ social media links, email addresses, names, phone numbers and home addresses. It was noted that those affected appear to be associated with cosmetic or lifestyle-related content.
Roy Bass, senior dark web analyst, Risk Based Security, commented: “While passwords were not leaked, threat actors can search for compromised passwords from other database leaks and link them to the accounts through email addresses/other personal information, or employ brute force techniques. We observed one threat actor state his intention to do so.
“They [those exposed] are also susceptible to spam and substantial harassment via their leaked contact information, as well as spear-phishing and identity theft scams if enough personally identifiable information is gathered.”
Then on June 14, the same cyber-criminal fully leaked the details of over 250,000 social media users who use Preen.Me’s application, ByteSizedBeauty. This includes their social media links, as well as personal information such as home and email address, date of birth, eye color and skin tone.
Bass added: “Regarding the other social media users, they are vulnerable to the previously mentioned threats with an increased risk for spear-phishing and identity theft scams due to more personal information being leaked.”