Halara investigates breach after hacker releases 950,000 people's data
Halara, a popular athleisure clothing brand, is looking into a data breach after the purported data of around 950,000 customers was posted on a hacking site.
The Hong Kong brand was created in 2020 and immediately rose to prominence due to the numerous TikTok videos promoting their apparel.
Halara told BleepingComputer that it is aware that customer data has reportedly been stolen and released online, and that it is investigating a possible breach.
This comes after a person using the name 'Sanggiero' claimed to have breached Halara earlier this month and posted a text file containing stolen customer data on a hacking website and a Telegram channel.
"In January 2024, over 1 million rows of data from the Halara store were posted to a popular hacking forum. The data contained 1M unique addressIds, first names, last names, phone numbers, country, home address, zip, province, city, and ISO," Sanggiero writes in a blog post.
It should be noted that the forum post uses the wrong Halara logo, showing instead the logo of a cannabis company that was not breached.
The leaked data has been verified by BleepingComputer, and while Sanggiero claims it contains 1 million lines of data, the text file only contains 941,910 items.
While BleepingComputer cannot confirm whether all of the data is correct, we have called several people included in the file and confirmed that they are all Halara customers and that their provided phone numbers, names, and addresses are correct.
Sanggiero told BleepingComputer that they obtained the data by exploiting a weakness in an API on Halara's website, which they claim is still unfixed.
Sanggiero stated that they did not contact Halara about the stolen data and opted to release it for free because it would not have much value if sold.
Halara customers should watch out for targeted smishing attacks (SMS phishing) that aim to obtain other information, such as email addresses and passwords.
This data can be used in future attacks or sold to other threat actors for fraud or other harmful activities.
Many threat actors are selling stolen accounts for online businesses such as Saks Fifth Avenue, Express, and Ulta Beauty, which are then used to make fraudulent purchases, according to BleepingComputer.
Source: BleepingComputer