Brazil
E-commerce / Retail
Data for Sale
Brazilian Online Store Loja Negócios Digital Allegedly Breached, 20,000 Customer Records Exposed
A threat actor using the alias Sensitive2025 is advertising a database they claim to have stolen from Loja Negócios Digital (lojanegociosdigital.com.br), a Brazilian online store. The listing describes roughly 20,000 records exported from the store's WooCommerce back end, offered both as a points-gated download and for direct sale. According to the sample, the data spans multiple tables covering customer accounts, orders, and billing details, and includes names, email addresses, phone numbers, billing and shipping addresses, order and payment information, IP addresses, and hashed account passwords. The claim is unverified.
Brazil▣Post details
Brazil!Allegedly included
- ~20,000 records
- Customer names & emails
- Phone numbers
- Billing & shipping addresses
- Order & payment details
- IP addresses
- Hashed account passwords
- WooCommerce user accounts
◱Screenshots
⚠Potential impact
A full store-database export ties customers' names to their email addresses, phone numbers, home addresses, and order histories, while the hashed account passwords could be cracked to take over accounts or be reused elsewhere. Order and payment metadata combined with IP addresses adds detail that makes phishing and fraud more convincing and harder to spot. For a Brazilian retailer this exposes both shoppers and registered users to identity theft, account compromise, and targeted scams. The claim is unverified.
iStatus
UnverifiedThis is a data-leak listing offered as a points-gated download and separately for direct sale through the actor's messaging contact. The claim is unverified and the store has not publicly addressed it.
DARK WEB INFORMER - THREAT INTELLIGENCE