Regpack Database
[IMG alt="[Image: BlueSnapRegpack.png]"]https://external-content.duckduckgo.com/iu/?u=https://haveibeenpwned.com/Content/Images/PwnedLogos/BlueSnapRegpack.png[/IMG]
In July 2016, a tweet was posted with a link to an alleged data breach of
BlueSnap, a global payment gateway and merchant account provider
. The data contained 324k payment records across 105k unique email addresses and included personal attributes such as name, home address and phone number. The data was verified with multiple Have I Been Pwned subscribers who confirmed it also contained valid transactions, partial credit card numbers, expiry dates and CVVs. A downstream consumer of BlueSnap services known as
Regpack
was subsequently identified as the source of the data after they identified human error had left the transactions exposed on a publicly facing server. A full investigation of the data and statement by Regpack is detailed in the post titled
Someone just lost 324k payment records, complete with CVVs
.
Compromised data: Browser user agent details, Credit card CVV, Email addresses, IP addresses, Names, Partial credit card data, Phone numbers, Physical addresses, Purchases
* Hidden text: cannot be quoted. *
