Lenwood.ru

In August 2021 the Russian lumber and construction materials retailer Lenwood suffered a data breach. An unauthorized party managed to gain access to the web server and export the customer database. The incident resulted in the exposure of personal details and account credentials belonging to roughly 2 thousand registered users. The leaked passwords were stored as salted MD5 hashes which are considered cryptographically weak by modern standards and susceptible to cracking. This breach allowed attackers to obtain contact information and physical delivery addresses used for timber orders.