VirtualMacOSX has allegedly suffered a data breach in which the data of 10,000 customers was leaked on a clear web forum known for cybercrime and data breaches. This forum, known for its message boards dedicated to database downloads, leaks, and cracks, made the full dataset freely accessible to anyone with an account who replied to or liked the post.
This is the same forum where a fake 1.2 billion record Facebook database was being sold, an old AT&T database containing a lot of new information was listed, and allegedly stolen Coca-Cola Europacific Partners (CCEP) data was put up for sale.
The alleged data breach and the sale of customer data were discovered by the SafetyDetectives Cybersecurity Team. According to the company’s research, shared with Hackread.com, the exposed dataset appeared genuine during their review. It was shared across three text files named ‘tblcontacts,’ ‘tbltickets,’ and ‘tblclients,’ totalling 176,000 lines.
For your information, VirtualMacOSX is a company offering “Apple Macintosh cloud-based computing since 2012,” with customers in 102 countries. However, SafetyDetectives has not definitively confirmed that the exposed dataset belongs entirely to VirtualMacOSX due to ethical constraints on testing credentials.
Details of the Alleged Breach
The database was leaked on the forum on the 11th of June 2024 and the information found within the alleged database is sensitive. It includes customer’s full names, company names, email addresses, complete physical addresses, and phone numbers. Crucially, passwords and password reset keys are also observed.
Financial details such as bank name, bank type, bank code, and bank account numbers are also present. Additionally, user support tickets are part of the leak, containing user IDs, IP addresses, full names, emails, and full messages from customer interactions.
This type of exposed data presents substantial risks. Such information can be used by malicious actors for various harmful activities. For instance, knowing a user’s password reset information significantly increases the chances of account takeovers.
Financial data could enable fraudulent transfers, while combined personal details, including IP addresses, could even lead to physical risks by allowing cybercriminals to track a user’s location.
Protecting Your Information
To protect against data breaches, individuals should monitor bank statements, credit reports, and online accounts for unusual or fraudulent activity. Enabling multi-factor authentication (MFA) on online services and changing passwords for all accounts, especially those linked to VirtualMacOSX is a critical preventative measure.
Limiting personal information online, particularly on social media, can increase privacy. Securing your digital footprint involves using strong, unique passwords for every account and periodically checking their account activity and login history.
