Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

LiveAuctioneers Data Breach Impacts 3.4 Million Users

Auctions platform LiveAuctioneers has revealed a data breach that likely impacted approximately 3.4 million of its users.

Founded in 2002, the art, antiques, jewelry, and collectibles online marketplace claims to be broadcasting thousands of live auctions each year, providing live bidding options for millions of items.

Auctions platform LiveAuctioneers has revealed a data breach that likely impacted approximately 3.4 million of its users.

Founded in 2002, the art, antiques, jewelry, and collectibles online marketplace claims to be broadcasting thousands of live auctions each year, providing live bidding options for millions of items.

Over the weekend, the bidding forum revealed that unknown actors accessed a partner’s systems last month, and that user information was stolen before the leak was plugged.

“As of July 11th, 2020, our cybersecurity team has confirmed that an unauthorized third party accessed certain user data through a security breach at a LiveAuctioneers data processing partner that occurred on June 19, 2020,” the online marketplace notes.

Affected user information includes names, phone numbers, email and mailing addresses, and encrypted passwords. However, LiveAuctioneers notes, not all accounts had all of this information present.

“Our cybersecurity team has confirmed that complete credit card numbers were not accessed, and we have no reason to believe auction history was affected,” LiveAuctioneers says.

The bidding portal has prompted a platform-wide password reset operation, and all users will have to set a new password when first accessing their accounts. Both bidder and auctioneer accounts are impacted by the move.

Security researchers at CloudSEK say they’ve found on a surface web database marketplace a post advertising the information of roughly 3.4 million LiveAuctioneers users, likely pointing to the number of affected users.

“The poster is selling 3.4 million users’ data and 3 million cracked username password combinations. The seller has shared 15 user records and 24 email-password combinations to support their claims,” CloudSEK notes.

The advertised user records include usernames and encrypted passwords, email addresses, complete names, physical addresses, and IP addresses.

“Using public sources we were able to verify various fields such as mobile number, physical address and email address in the sample data. The sample has a mix of US and UK users’ data,” the researchers reveal.

Furthermore, the poster also claims to have cracked the encrypted passwords, and shared a sample to prove their claims.

Related: GoDaddy Notifies Customers of Data Breach

Related: Design Marketplace Minted Confirms Recent Data Breach

Related: Chegg Informs Employees of Data Breach

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Expert Insights

Related Content

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Cybercrime

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Cybercrime

Video games developer Riot Games says source code was stolen from its development environment in a ransomware attack

Cybercrime

Artificial intelligence is competing in another endeavor once limited to humans — creating propaganda and disinformation.

Cybercrime

A new study by McAfee and the Center for Strategic and International Studies (CSIS) named a staggering figure as the true annual cost of...

Cybercrime

A digital ad fraud scheme dubbed "VastFlux" spoofed over 1,700 apps and peaked at 12 billion ad requests per day before being shut down.

Cybercrime

Cybercriminals earned significantly less from ransomware attacks in 2022 compared to 2021 as victims are increasingly refusing to pay ransom demands.

Application Security

PayPal is alerting roughly 35,000 individuals that their accounts have been targeted in a credential stuffing campaign.