Singapore-based hotel management & booking platform Reddoorz suffers a massive data breach. A hacker is selling a RedDoorz database containing 5.8 million user records on a dark web.

As part of the sale, the threat actor shared a database sample, including the table structure and records for 587 users. These records allow us to see what was exposed during the RedDoorz breach.

For each user records in the database, a RedDoorz member’s email, bcrypt hashed passwords, full name, gender, link to profile photo, phone number, secondary phone number, date of birth, and occupation is exposed.

For numerous user records in the samples, BleepingComputer has confirmed that the listed email addresses and phone numbers are correct for the particular user.

While this data breach exposed far more sensitive data than initially stated by RedDoorz, it does not contain any financial information.

READ
Networking Equipment Vendor Belden Disclose Data Breach