Personal data of over 100,000 social media influencers have been compromised and partially leaked following a breach impacting the next generation social marketing platform Preen.Me.
In a report published Wednesday, data breaches and vulnerability intelligence firm Risk Based Security revealed the leak and said the same incident fully exposed the personal information belonging to over 250,000 social media users on a hacking forum.
“Risk Based Security uncovered the leak on June 6, 2020 when a known threat actor posted on a popular deep web hacking forum that they had compromised Preen.Me’s systems and were holding the personal information of over 100,000 affiliated influencers under ransom,” the security company wrote.
“The threat actor then shared 250 records via PasteBin on the same day, with a further comment on June 8th, stating their intent to release the other 100,000 records. Those additional records have yet to be released,” it added.
Among the details compromised in the breach included the names of the impacted influencers, their social media links, their email addresses, their phone numbers, as well as their home addresses. The report also added that affected influencers appear to be associated with cosmetic or lifestyle-related content.
Initially, when the leak was first uncovered, social media influencer data has not been fully posted. However, on June 14, over a week after the leak was discovered, the threat actor fully exposed the details belonging to more than 250,000 influencers who use Preen.Me’s application called ByteSizedBeauty.
According to Risk Based Security, stolen records of the 253,051 influencers were presented in a user data table, with fields such as Facebook name, Facebook ID, Facebook URL, Facebook friends list, Twitter ID, and Twitter name. Other personal information exposed in the breach included the influencers’ date of births, eye color, skin tone, and other identifying information.
“While passwords were not leaked, threat actors can search for compromised passwords from other database leaks and link them to the accounts through email addresses/other personal information, or employ brute force techniques. We observed one threat actor state his intention to do so,” explained Roy Bass, senior dark web analyst at Risk Based Security.
“They [those exposed] are also susceptible to spam and substantial harassment via their leaked contact information, as well as spear-phishing and identity theft scams if enough personally identifiable information is gathered,” he added.
According to Risk Based Security, they have reached out to Preen.Me about the leak but haven’t received any response from the company yet.
