Security News > 2022 > November > Whoosh confirms data breach after hackers sell 7.2M user records
The Russian scooter-sharing service Whoosh has confirmed a data breach after hackers started to sell a database containing the details of 7.2 million customers on a hacking forum.
On Friday, a threat actor began selling the stolen data on a hacking forum, which allegedly contains promotion codes that can be used to access the service for free, as well as partial user identification and payment card data.
In a new statement shared with RIA Novosti today, Whoosh admits that there is a data leak and informs its user base they are working with law enforcement authorities to take all measures to stop the distribution of the data.
"The leak did not affect sensitive user data, such as account access, transaction information, or travel details," stated a Whoosh spokesperson.
The seller also claimed that the stolen data included 3,000,000 promo codes, which people can use to rent Whoosh scooters without paying.
In a separate sale of the data on Telegram, the threat actor claims it was stolen during a November 2022 attack on Whoosh.
News URL
Related news
- Wolf Haldenstein law firm says 3.5 million impacted by data breach (source)
- Otelier data breach exposes info, hotel reservations of millions (source)
- HPE investigates breach as hacker claims to steal source code (source)
- CISA: Hackers still exploiting older Ivanti bugs to breach networks (source)
- PayPal to pay $2 million settlement over 2022 data breach (source)
- UnitedHealth now says 190 million impacted by 2024 data breach (source)
- PowerSchool starts notifying victims of massive data breach (source)
- Hackers exploiting flaws in SimpleHelp RMM to breach networks (source)
- US healthcare provider data breach impacts 1 million patients (source)
- US healthcare provider data breach impacts 1 million patients (source)