The passport database of more than 1.3 million Russian clients of Oriflame is up for sale, the Kommersant newspaper reports, citing data from the shadow database RaidForums. The website of the cosmetics company reported that on July 31 and August 1, it was subjected to a series of cyberattacks, which led to unauthorized access to the company’s information systems.
Oriflame has strengthened cybersecurity measures and is investigating the incident with the participation of law enforcement agencies, Oriflame said in a statement. The press service of the company did not reply to the publication. At the same time, the message notes that the cyber attacks did not affect bank account numbers, phone numbers, passwords and commercial transactions of users.
As the publication specifies, the seller of the database has access to clients from Georgia and Kazakhstan. He stated that in his hands the data of system participants from 14 countries.
A database of 1.3 million copies of scanned passports on the black market will cost hundreds of thousands of dollars, said Evgeny Tsarev, manager of the RTM Group. Using fake documents, you can take a micro-loan, register domains in the .ru zone, SIM cards or wallets of payment systems, Tsarev explained.
In 2020, the data of 19 million customers and employees of Avon got publicly available, and in 2019, due to vulnerabilities in the cloud service, about 100,000 Herbalife customer records, including names, phone numbers and email addresses, were publicly available.
.