A breached data marketplace has claimed to host Tjori.com’s leaked data. Tjori.com is an Indian e-commerce portal that sells apparel and accessories, among other things.
According to threat intelligence analysts, a data leaks channel called ‘We Leak Database’ has claimed to have 1 million records from the database of Tjori.
The Cyber Express has reached out to Tjori.com. The company is yet to confirm or deny the incident.
Tjori data leak claims made on We Leak Database
Threat Intelligence Service Falcon Feeds tweeted about the Tjori data leak claims with the above screenshot of the targeted website. The screenshot was found on We Leak Database with a header with a list of details from the website.
Among the details listed in the Tjori data leak claim were –
- ID
- Password
- Last login
- First and last name
- Status of staff
- Date joined
It is not clear what the user who made the Tjori data leak claims on We Leak Database demanded in return for the information. The dark web channel of We Leak Database has a base of 4.4K members as seen by The Cyber Express.
They have a Telegram channel for making claims about data leaks and data stolen from websites via cyber attacks.
However, the authenticity of their claims cannot be verified as hackers and dark web forum users have been known to make false claims to make money.
They post about possessing data from websites and upload samples as proof. It can be to dupe underground users who are looking for personally identifiable information for duplication and fraud.
Tjori data leak claim and tactics used on the underground marketplaces
A recent claim made on the hacker forum was denied by the targeted company further solidifying this facet of the underground marketplaces.
A user going by the name, ‘Verified Gangsta’ named BCA Bank on it claiming to have data from their website through a ‘hidden software’ and an insider who was providing them secret information.
They posted samples of data claiming that it was from the prominent Indonesian bank.
However, when we asked the bank to verify the underground forum’s claims, it was clarified that the samples posted had data that failed to match the bank’s database.
Not much could be trusted about underground marketplaces as it is based on fraud with the intention to make money.
Tjori data leak claims and the breached data market
Hackers often turn to the dark web to make claims about data breaches and cyber attacks they launch on company websites.
The global average cost of a data breach in 2023 was $4.45 million, a 15% increase over three years, reported an IBM study.
Most ransomware groups have their own dark web portals or websites where they announce plans of launching cyber attacks, names of websites hacked, data leaked from the security breach, and so on.
The MOVEit cyber attack that gave the hackers from the Cl0p ransomware group access to over 300 organizations so far was named on the dark web portals.
Some named organizations confirmed being impacted either by MOVEit or another third-party vendor they worked with that used MOVEit file transfer services.
The University of Oklahoma confirmed being impacted by the MOVEit cyber attack and stated that all the data shared through MOVEit was likely compromised.
While there may be false claims made on the dark web, most hackers do share data from their cyber attacks that they seek a ransom against.
In case of a data breach occurring due to an internal mistake, immediately remove the exposed data from your portals, warned a US Federal Trade Commission advisory.
“If the data breach involved personal information improperly posted on your website, immediately remove it. Be aware that internet search engines store, or “cache,” information for a period of time,” it said.
