PandaBuy.com

In March 2024 the Chinese shopping platform Pandabuy suffered a significant data breach after malicious actors exploited several vulnerabilities in the systems API. The incident resulted in the unauthorized access and subsequent publication of sensitive customer information on a popular cybercrime forum. The threat actors known as Sanggiero and IntelBroker claimed responsibility for the attack which targeted the platforms internal databases. The leaked data includes a wide range of personal identifiers and transaction details belonging to millions of international customers who used the service to purchase goods from China.