Security News > 2021 > July > Hole blasted in Guntrader: UK firearms sales website's CRM database breached, 111,000 users' info spilled online
Criminals have hacked into a Gumtree-style website used for buying and selling firearms, making off with a 111,000-entry database containing partial information from a CRM product used by gun shops across the UK. The Guntrader breach earlier this week saw the theft of a SQL database powering both the Guntrader.
Uk buy-and-sell website and its electronic gun shop register product, comprising about 111,000 users and dating between 2016 and 17 July this year.
Rew Barratt, UK MD of infosec biz Coalfire, analysed the database after it was dumped on the RaidForums website.
Guntrader is roughly similar to Gumtree: users post ads along with their contact details on the website so potential purchasers can get in touch.
Guntrader aimed to automate the tedious administrative side with its combined CRM and stock management product, which also interfaced with its website.
Reports on shooting sports websites indicated that Guntrader had blamed an iframe on a customer's website as the point of entry.