According to the post, the database contains sensitive information from approximately 2,796,835 users. This figure has been corroborated by HaveIBeenPwned, a well-known data breach verification service. The compromised data includes full names, email addresses, physical addresses, and PBKDF2 hashed passwords, a hashing algorithm used to protect passwords. According to the threat actor, the breach occured in July 2024.
The threat actor described the file as a .bacpac format, which is too large for them to manage effectively, leading to difficulties in accessing or providing a sample of the data. The seller has indicated that interested parties can purchase the full database through private messages on the forum.
The post Approximately 2.8M User Data From Lulu Hyper Market is For Sale appeared first on Daily Dark Web.