The data of 1.3 million accounts belonging to ‘Havenly’ users have been leaked online, and the interior design website was forced to admit that it suffered a security incident. The database was exfiltrated as an entity and uploaded on a hacker forum where users could access and copy it further without paying anything.
The culprit is once again “ShinyHunters,” a prolific data hoarder who has exposed hundreds of millions of user data from a large set of online platforms in the past months.
The database that was offered for free contains the following user details:
‘Havenly’ is a platform where people can buy interior design and decoration services, upload images of their rooms, define a budget, select a style, and then enjoy a renowned designer’s help. The platform then creates design concepts that are discussed between the designer and the client via chat and phone calls, and a shopping list is created to reflect the final layout visualization.
Related: “Shiny Hunters” Group Is Selling User Records From 11 Companies on the Dark Web
When the data appeared online, researchers contacted Havenly, who may not have realized the breach. After five days, an official disclosure came, and it affected users of the platform started receiving notifications, although the researchers were never thanked. Also, the platform proactively reset all user passwords, even though these were not in plain-text form, but hashed.
If you happen to use the same password on other online platforms, you should go ahead and reset it there as well. As for the payment information, the platform only stores the last four digits of the clients’ credit cards, so normally, actors shouldn’t be able to do a lot of damage with this information.
However, it would be quite possible that these four digits will be used in phishing and scamming emails, so beware. Havenly’s announcement talks about a “certain number of customer accounts,” meaning that this incident has not compromised everyone. Nevertheless, the number of exposed accounts (1.3 million) denotes that everyone is included in the breach. Still, no clarifications were given in regards to that.
Finally, nothing was mentioned about the actual security breach event and whether this resulted from a ransomware attack or something else.