PlanteShop.dk

The Danish online plant store PlanteShop.dk suffered a significant data breach exposing customer information. The incident involved an unauthorized access to the web server database resulting in the extraction of personal details used for orders and accounts. This leak poses a risk of phishing and targeted spam for the affected customers. The data was discovered on several darknet forums where it was shared for further exploitation by cybercriminals. Security researchers identified the vulnerability as a likely SQL injection which allowed attackers to bypass authentication and dump the user tables.