The leaked database includes, among other sensitive data, Guns.com administrator, WordPress, and Cloud log in credentials in plain-text format, Hackread reports.
Guns.com is a major Minnesota, US-based platform selling guns and supplies online. It is a very popular meeting place for gun owners and enthusiasts around the world.
On March 9, Hackread reports, a database belonging to Guns.com was dumped by someone on an infamous hacker forum.
The person who dumped the data claims that is a complete database of Guns.com along with its source code. The breach took place at the end of 2020, and the data was sold privately, probably on some dark web marketplace.
Hackread.com says the data contains highly sensitive information of Guns.com’s administrators and customers including user IDs, full names, 400,000 email addresses, password hashes, physical addresses, Magneto IDs, phone numbers, and customers’ bank account details.
However, credit card numbers or VCC numbers had not been stolen or included in the dump, according to Hackread.
One Excel file in the database contains sensitive login details of Guns.com administrators’ – WordPress, MYSQL, and Cloud (Azure) credentials. All admin credentials including admin were unencrypted and stored in plain text format.
At the time of the attack in December, Guns.com stated “there was no indication of any attempt to compromise data.” But it is now confirmed that the Gun.com database is currently circulating on infamous English and Russian-speaking hacker forums.
This data leak of physical addresses, history of purchased weapons, and contact and banking details can have devastating effects on Guns.com. And if you are one of the customers, it is advisable that you are vigilant and especially when it comes to phishing, SMShing, SIM Swapping, and identity scams.