ShellCodeX Breach Report
WeLeakInfo Data Breach
weleakinfo.com
Verified breach
Sensitive
Accounts exposed
11,788
Breach date
08 Mar 2021
Added to tracker
15 Mar 2021
Data classes
8
What happened
In March 2021, the Stripe account of the now-defunct WeLeakInfo service was taken over by "pompompurin" after acquiring an expired domain name with an email address used to manage the account. Access to Stripe then exposed almost 12k unique email addresses from customers who'd made credit card payments in order to obtain breached data hosted by WeLeakInfo. The data was subsequently leaked publicly and also included names, payment histories, IP addresses, billing addresses, partial credit card data and the organisation making the purchase.
Exposed data
Browser user agent details
Email addresses
Employers
IP addresses
Names
Partial credit card data
Physical addresses
Purchases
Recommended actions
- Watch for targeted phishing emails referencing WeLeakInfo โ attackers weaponise breach data quickly.
- Monitor your bank and card statements closely and consider requesting a card replacement.
- Exposed identity data raises identity-theft risk โ consider credit monitoring or a credit freeze.
- Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected?
Check whether your email address appears in this breach.
Check on HIBP