SPIROL Hacked, 70,889 Clients Information Leaked After Being Warned

spirol_logo Today Deletesec has announced an leak of data from what is turning out to be a service to many high profile company’s around the world. The target is SPIROL International (https://spirol.com/) and as a result of them being it has over 30,000 company’s affected after there credentials have been leaked online. SPIROL is a international business going back to 1948 specializing in the fasting industry. The breach was announced from @Deletesecs twitter account and has posted 3 csv files to media fire. The 3 files which total just over 27mb contain a heap of data in them but most comes from 1 file named CRM_data. This CRM_data file contains a huge amount of clients contact and account information which could be used by many different company like call centers etc. spirol When i asked DeleteSec which method was used i have been told SQL which is no surprise as there is a huge rise over the past 24 months of these types of attacks which result in high profile company’s information being leaked online. Deletesec has also stated something very interesting, that the reason this leak has happened is due to SPIROL making threats to have them arrested, it appears that maybe they already know and knew of the breach before the data was leaked and they had a chance to stop it but didn’t. I have also been shown and proven the Vuln, which i can say resides in the sites news system but that’s as much as i can publicly with harming any further people. Either way SPIROL might just have some answering to do to a lot of big company’s over the coming days. The leaked information totals 70,889 Email addresses of which 886 have passwords, the rest are set as . There is also a 31,123 Company names with this details as well as 26, 856 different email providers. Some of the company’s effected are Boeing, GM, ford, harley-davidson.com, telsamotors, etc. see full list of providers here and full list of company’s here. The other 2 files contain a further 96 accounts with user names, email addresses and clear text passwords and a form setup. Stats: – total emails: 70889

About the author: Lee J

Security Analyst, Developer, OSINT, https://www.ctrlbox.com

Comments are closed.