A database of user accounts that were stolen from online marketplace Carousell was sold on the Dark Web and hacking forums. The database, which allegedly contained 2.6 million accounts’ information, is being sold for $1,000. The data was compromised after a bug was introduced during a system migration and used by a third party to gain unauthorised access. Hackers also uploaded the 2GB database two days before Carousell confirmed the breach. The leak contains victims’ usernames, first and last names, e-mail addresses, mobile phone numbers, country of origin, date of account creation and a number of followers.

Taipei, March 12 (CNA) During the past five weeks, the Criminal Investigation Bureau has found that Shopee and Carousell, two Singapore-based online marketplaces, have been the two C2C platforms where users have been most likely to fall for phishing scams (CIB). In order to undertake scams like canceling installment payment plans, the assaults were designed to obtain personal or company information from clients who used it to complete online transactions. According to the CIB, between June 2022 and February 2023, it notified seven ministries, including the MODA, the Ministry of Health and Welfare, the Ministry of Education, the Ministry of Economic Affairs, and the Ministry of Culture, about up to 100 e-commerce companies suspected of disclosing customer personal data.