NomerIO

In July 2021 the Nomer.io service and its mirrors experienced a significant security breach resulting in the exposure of millions of user records. The incident occurred after attackers obtained the website source code which contained an administrator email address. By performing credential stuffing using passwords found in previous third party data breaches the attackers gained access to the system. The stolen data includes personal information linked to phone numbers as well as plaintext passwords and financial transaction totals. This breach is particularly sensitive as the service was used for looking up personal details based on mobile digits.