Teespring’s data has been leaked by a well-known hacking group called ShinyHunters. The ShinyHunters is a famous name in the cyber circles. Over the years, the group has hacked and released consumer data from hundreds of businesses. However, it has not been proven that this is the hacking group that is the actual attacker of Teespring.
Teespring is a top-ranking website that lets its users make personalized clothing and sell it on their web. The platform is loved by many but, recently, it has been affected by a hack on Waydev, a third-party service provider, that suffered a breach earlier in 2020.
The criminal actor has recently uploaded the personal details of over eight million Teespring users into a cybercrime website called RaidForums.
The leaked details reportedly originated from a Teespring hack that has happened in June 2020. The publicly accessible information contains email addresses and usernames, as well as personally identifiable details such as real names, phone numbers, home addresses, and even Facebook and OpenID identifiers.
The data was uploaded to RaidForums as a 7zip archive containing two separate SQL files. The first file includes a list with more than 8.2 million email addresses and the day the email address was last changed. The second file has over 4.6 million user account data. The assumption that not all accounts have all of their information filled minimizes the effect on each customer to the details they wanted to disclose with the organization.
Passwords related to the leaked accounts have not been published. It is unclear whether the ShinyHunters have obtained access to passwords at all, or they simply have decided not to make them publicly available in this leak.
The Teespring users’ data was originally accessible in private data-selling networks last December, before being leaked for free last week by ShinyHunters.
Teespring breached through a hack on Waydev app.
From the latest reports on the incident, it appears the company’s data was stolen via intrusions into Waydev, a Github analytics provider that experienced a bad cyberattack last summer.
A Teespring spokesperson confirmed that in June 2020, a hacker managed to get hold of customer data from the cloud service’s infrastructure. The company disclosed the breach to the public on December 1st, 2020.
A third-party service provider called Waydev, which required access to some of Teespring’s data, has been evaluated in relation to the incident. According to the company’s spokesperson, Waydev retained the OAuth token for Teespring which token was later accessed without authorization from Waydev by a third party. This token was then used to access some of the Teespring’s infrastructures.