Basarab.ru

In February 2024 the Russian online clothing retailer Basarab experienced a significant data breach. An unauthorized third party successfully compromised the store infrastructure leading to the exposure of several database tables. The leaked information includes data on approximately 60 thousand registered users and 166 thousand customer orders. The total volume of published records exceeds 600 thousand lines. Exposed datasets contain sensitive personal details such as full names, email addresses, phone numbers, and physical delivery addresses. Additionally, the leak includes payment-related metadata and user account passwords stored as SHA1 hashes with salt. This incident poses a high risk of credential stuffing and targeted phishing attacks against the affected customers.