Over a Million PII of Livpure Customers Leak on Cybercrime Forum

###### Category Adversary Intelligence
###### Affected Industries Manufacturing
###### Affected Region SAARC, India

Executive Summary

CloudSEK’s flagship digital risk monitoring platform XVigil discovered a post on a cybercrime forum advertising customer records of Livpure. Livpure is a renowned brand that offers UV & RO water purifiers and air purifiers. The CloudSEK Threat Intelligence Research team has validated the information in this post and has found that the compromised data belongs to the attributed entity.

Attribution

On 13 May 2021, a threat actor shared a post advertising a database containing 1 Million+ records of Livpure customers, including their PII. The actor, who joined the forum in May 2021, has sold Indian databases in the past and has gained a high reputation on the forum.

Threat actor’s post on the underground forum

Analysis

Information from Source

In the post, the threat actor listed the leaked fields from the database and also shared a sample taken from the leaked database. The database shared by the actor includes the following fields:

Sample data shared by the threat actor

Information from OSINT

Using public sources, CloudSEK Threat Intelligence Researchers were able to confirm that the compromised data contains the PII of the customers.

Impact

  • Since PII (Personally Identifiable Information), including email addresses and phone numbers, has been exposed as a result of this breach, threat actors can misuse the data in the following ways:
    • They can carry out social engineering activities, phishing attacks, or even identity theft.
    • Phone numbers and email addresses that are part of the data dump could be linked to the victims’ banking, mobile wallet accounts, or other online services. Therefore, when this data ends up in the wrong hands, actors could compromise such accounts as well.

Recommendations

  • Use strong passwords.
  • Enable multi-factor authentication for all online accounts.
  • Don’t share OTPs with third parties.
  • Regularly update apps and other software.