🏢 About WaitWhatWeb
WaitWhatWeb is a web development company based in Bandung, Indonesia. The company focuses on delivering digital solutions tailored to the needs of branded clients.
⚠ Disclaimer
This report includes actual screenshots and/or text that may include unredacted personally identifiable information (PII) gathered from publicly available sources.
The sensitive information presented within this report is intended solely for cybersecurity awareness and threat intelligence purposes.
📌 Overview
On August 19, 2025, a threat actor using the alias N1KA claimed responsibility for a data breach targeting WaitWhatWeb.
The actor states the leak contains 17,468 compromised records totaling approximately 4.5 GB. The dataset allegedly exposes sensitive account data, including usernames, hashed passwords, emails, registration dates, activation keys, and display names.
The post further highlights multiple client websites that may have been impacted by the breach, including:
- theikatindonesia.com
- bigmo.id
- myrubylicious.com
- jagoankacamata.com
- heykama.com
- capslock.id
📊 Key Details
| Attribute | Information |
|---|---|
| Date | 2025-08-19, 01:54:21 AM |
| Threat Actor | N1KA |
| Victim Country | 🇮🇩 Indonesia |
| Industry | Information Technology (IT) Services |
| Victim Org. | WaitWhatWeb |
| Victim Site | waitwhatweb.com |
| Category | Data Breach |
| Severity | Medium |
| Network | Open Web |
![IOC Alert: Lumma Stealer C2 Domain Identified – larpfxs[.]top](/content/images/size/w1304/format/webp/2025/08/23985762398576198764252-1.jpg)
