In December 2019, it was revealed that the Chinese e-commerce player LightInTheBox was a victim of a data breach that affected the personal data of its customers. Around 1.3TB of customer information was exposed. The website offers retail goods such as gadgets, clothing, and accessories.
Researchers Noam Rotem and Ran Locar discovered the database breach in November 2019. The affected database contained user activity that took place between August 9, 2019 and October 11, 2019, and contained information such as users’ IP addresses, countries of residence, email addresses, destination pages, and user activity on the website. Besides user activity logs on LightInTheBox.com, the affected database also contained data from the firm’s subsidiary site, MiniInTheBox.com.
"The exposed data makes those affected vulnerable to many forms of fraud and online attacks. With access to user emails, cybercriminals could create convincing phishing campaigns with emails imitating LightInTheBox,” said VPNMentor’s Noam Rotem and Ran Locar, noting that using this information, a criminal could figure out exactly where a person lives.
Protect yourself against cybersecurity disasters like this by investing in a tool that will protect your network from brute-force attacks, ransomware threats, and denial-of-service (DoS) attacks. Download ManageEngine Log360, a tool that helps combat both internal and external security attacks.
Log360, our comprehensive SIEM solution, can help your organization by:
Download a free trial of Log360 to see the tool in action for yourself.
Subscribe to our digest to get your weekly dose of cyber security updates straight to your inbox.
© 2019 Zoho Corporation Pvt. Ltd. All rights reserved.
You will receive weekly cybersecurity news soon!