Uh oh! It’s Teespring this time. A hacker revealed newly found user and creator data stolen from Teespring. Teespring is an e-commerce platform that let’s people design and sell custom clothing.
The leaked document contained personal data of more than 4 million users and apparel manufacturers including emails, full names, phone numbers, locations and other personal details.
Based on the last update dates, it seems that the data was stolen in April of last year (2020). ZDNet disclosed that Teespring did have a data breach in June 2020 but did not disclose till December 2020.
What’s in the leak?
There was some major damage done during the breach. Cyber News disclosed that There are two SQL files in the leaked Teespring archive, labeled “emails” and “users.” The first file includes email and last account update dates of 8,242,000 users and the second document contains more than 4m user records, including:
- Usernames
- Full names
- Locations
- Phone numbers
- Creator IDs
- Referral information
- Trust score
- Whitelisted seller campaigns, storefronts, bank check payouts, and other analytics data
- Access to the data.
The breach happened in June 2020, the incident was revealed on December 1st 2020 and the document was released on January 17th 2021. Based on the dates, the hacker community had full access to the leaked data from June last year to december.
Impact of the data reveal.
Though the data might not be super-sensitive according to the hacker community standards, it is enough to do some serious damage to Teespring’s user base. Several ways the data can be used are phishing, spams, unauthorized transactions and a few more.
What should you do?
If you are a Teespring user, we recommend changing your password and enable the two-factor authentication as soon as possible. And one more thing, try not to click any unknown links on your email or messages if you happen to receive one.
