VipOferta.bg

In April 2021 the Bulgarian travel operator VipOferta suffered a significant data breach when hackers gained unauthorized access to its customer database. The incident resulted in the public exposure of sensitive information belonging to approximately 350000 users. The leaked data included customer names, email addresses, phone numbers, and IP addresses. Additionally, user passwords were leaked in MD5 hash format which is considered cryptographically weak and susceptible to cracking. This breach highlights vulnerabilities within the regional tourism sector and poses risks of phishing and credential stuffing attacks for the affected individuals.