ShellCodeX
Tools โ€ข Events โ€ข News โ€ข Insights
ShellCodeX Breach Report

WeLeakInfo Data Breach

weleakinfo.com
Limited exposure
Verified breach Sensitive
Accounts exposed 11,788
Breach date 08 Mar 2021
Added to tracker 15 Mar 2021
Data classes 8

What happened

In March 2021, the Stripe account of the now-defunct WeLeakInfo service was taken over by "pompompurin" after acquiring an expired domain name with an email address used to manage the account. Access to Stripe then exposed almost 12k unique email addresses from customers who'd made credit card payments in order to obtain breached data hosted by WeLeakInfo. The data was subsequently leaked publicly and also included names, payment histories, IP addresses, billing addresses, partial credit card data and the organisation making the purchase.

Exposed data

Browser user agent details Email addresses Employers IP addresses Names Partial credit card data Physical addresses Purchases

Recommended actions

  • Watch for targeted phishing emails referencing WeLeakInfo โ€” attackers weaponise breach data quickly.
  • Monitor your bank and card statements closely and consider requesting a card replacement.
  • Exposed identity data raises identity-theft risk โ€” consider credit monitoring or a credit freeze.
  • Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected? Check whether your email address appears in this breach.
Check on HIBP