EstanteVirtual

In February 2019 the prominent Brazilian online bookstore Estante Virtual suffered a significant security breach. The incident was attributed to the notorious hacker group known as GnosticPlayers who targeted the platform as part of a larger series of attacks against multiple online services. The breach exposed sensitive personal information belonging to approximately 5.4 million users. Data compromised during the attack included full names, usernames, email addresses, physical mailing addresses, and passwords stored as SHA-1 hashes. The hackers successfully gained unauthorized access to the database and later put the records up for sale on darknet marketplaces which is a common tactic used by this threat actor group to monetize stolen credentials and personal data.