verified2016-05-20

RegpackRegpack breach

bluesnap.com · 104,977 records compromised

Records
105K
Breach date
2016-05-20
Domain
bluesnap.com
Data classes
9

Description

In July 2016, a tweet was posted with a link to an alleged data breach of BlueSnap, a global payment gateway and merchant account provider . The data contained 324k payment records across 105k unique email addresses and included personal attributes such as name, home address and phone number. The data was verified with multiple Have I Been Pwned subscribers who confirmed it also contained valid transactions, partial credit card numbers, expiry dates and CVVs. A downstream consumer of BlueSnap services known as Regpack was subsequently identified as the source of the data after they identified human error had left the transactions exposed on a publicly facing server. A full investigation of the data and statement by Regpack is detailed in the post titled Someone just lost 324k payment records, complete with CVVs .

Compromised data classes· 9

Browser user agent detailsCredit card CVVEmail addressesIP addressesNamesPartial credit card dataPhone numbersPhysical addressesPurchases

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Breach
OrderSnapp
Breach
ClickASnap
Breach
PaySystem.tech
Breach
Snapchat
Breach
Storenvy
Breach
Twitter (200M)
Sourced from Have I Been Pwned. Aggregate metadata only — no PII. Curated by Adam Lundqvist, Founder at SQUR.