Skip to content Dark Web Informer - Cyber Threat Intelligence
Support
Sign In Subscribe
Data Breaches

BusinessMan Claims to be Selling the Data of Investing.com

 and  Dark Web Informer - Cyber Threat Intelligence
2 min read

💡This post is part of Free Post Friday! If you're interested in subscribing to the platform please visit the subscriber page: https://darkwebinformer.com/status/#/portal/signup. If you would prefer to pay via cryptocurrency, please visit: https://darkwebinformer.com/crypto-payments

If you're interested in advertising please visit: https://darkwebinformer.com/advertising-rates/

🔎 Quick Facts

🔗 DarkWebInformer.com - Cyber Threat Intelligence

📅 Date: 2025-02-21 05:50:00
🚨 Title: Alleged Data Sale of Investing.com
🛡️ Victim Country: Israel
🏭 Victim Industry: Financial Services
🏢 Victim Organization: Investing.com
🌐 Victim Site: investing.com
📜 Category: Data Breach
🔗 Claim: https://breachforums.st/Thread-SELLING-Investing-com-6-5-million-data-breach
🕵️‍♂️ Threat Actor: BusinessMan
🌍 Network: OpenWeb

📝 What Happened?

A threat actor identified as BusinessMan has posted a data breach listing claiming to have obtained 6.5 million user records from Investing.com.

The breach was allegedly caused by an IDOR vulnerability that exposed user information, allowing mass data scraping before the issue was patched.

The compromised dataset reportedly includes:

  • User ID
  • Registration timestamp
  • Platform used
  • Email addresses
  • Registration source

According to the post, some records date back to 2014, while the majority of compromised users registered between 2024-2025.

If legitimate, this breach could expose Investing.com users to phishing, identity theft, and fraud.

📊 Compromised Access Details

  • Data Volume: 6,486,700 records
  • Exposed Information: ID, email, registration details, and platform usage
  • Exploit Method: IDOR (Insecure Direct Object References) vulnerability
  • Threat Actor Offering Data for Sale

🛡 WhiteIntel.io Data Leak Information

Country: Unknown Credentials: 19,618
Country: BR Credentials: 7,881
Country: US Credentials: 7,510
Country: ID Credentials: 6,538
Country: IN Credentials: 6,141
Country: TR Credentials: 4,537
Country: EG Credentials: 3,506
Fetching WhiteIntel.io Data...
Large datasets may take a moment...
This message will update automatically...

Implications

  • Risk of Financial Fraud & Phishing – Stolen emails and user details could be weaponized for targeted scams.
  • IDOR Vulnerability Exploitation – If unpatched, similar methods could be used to compromise other platforms.
  • Regulatory & Legal ConsequencesGDPR, CCPA, and Israeli cybersecurity regulations may require breach disclosure and user notifications.
  • Immediate Security AuditInvestigate IDOR vulnerabilities and ensure proper access control measures.
  • Customer Notifications & Security WarningsAffected users should reset passwords and be alerted about phishing risks.
  • Dark Web Monitoring – Track further distribution of the dataset and monitor for identity theft threats.
  • Enhanced API & Access Control SecurityImplement stricter access validation to prevent future unauthorized data access.

Stay informed on emerging cyber threats. Visit DarkWebInformer.com for real-time updates on security risks and breaches.

Related

Latest