Users of the now-defunct illegal online service WeLeakInfo could soon find themselves in trouble with the law or even other hackers as a user on a popular hacking forum is now selling a database which contains highly sensitive information on more than 24,000 previous customers.
Before it was shut down by the FBI in January of last year, WeLeakInfo was a website that sold access to stolen information scraped from over 10,000 data breaches. In total, the site contained 12bn indexed user credentials that included names, usernames, email addresses and passwords for online accounts.
As reported by CyberNews, the forum user is now selling a ZIP archive containing highly sensitive information of former WeLeakInfo customers that made their illicit purchases using Stripe. The data available for sale includes their full names, IP addresses, addresses, partial credit card data, transaction dates, Stripe reference numbers and phone numbers for around $2 in virtual forum currency.
WeLeakInfo customer data
The forum user selling the WeLeakInfo archive claims that the FBI may have missed a spot when it seized the site’s original domain as there was a separate domain associated with the service that was used to process payments for those who bought stolen data via Stripe.
WeLeakInfo’s payment site was not allowed to expire in March of this year and as a result, anyone could have claimed the domain as their own which is exactly what the hacking forum user did. They claim they were able to perform a password reset against the Stripe account that was associated with the two owners of WeLeakInfo and gain access to all of the data from the website. During its time in of operation which lasted for less than a year, the site was able to accumulate a little over £100,000 ($138k) from 24,603 customers.
Judging from the data samples provided by the forum user, the age of the Stripe account owner is consistent with the information about the arrested owners of WeLeakInfo, according to CyberNews. The information contained in the WeLeakInfo database could be used by law enforcement to arrest those who previously purchased stolen data but it could also be used by other cybercriminals to launch extortion or blackmail attacks.
If you’re concerned that your credentials may have leaked online following a data breach, you can always use CyberNews‘ personal data leak checker to search through its library of over 15bn breached records.