SOCRadar® Cyber Intelligence Inc. | Roblox Data Breach, Unauthorized Access Sales, and Global Leaks


Jul 24, 2023
3 Mins Read

Roblox Data Breach, Unauthorized Access Sales, and Global Leaks

Welcome to SOCRadar’s weekly dark web news digest. This week, we spotlight several critical cybersecurity incidents: a significant user data leak from Roblox, unauthorized access sale related to global BPO, Webhelp, and the data breach of an important Czech Republic portal. In addition, we report on the sale of a multi-system live panel for hosting scam pages—a red flag for network security.

Each tale underscores the criticality of cybersecurity vigilance in our increasingly digital world.

Find out if your data has been exposed.

Database of Roblox is Leaked

On July 20, the SOCRadar Dark Web Team discovered a post claiming to leak sensitive data from the Roblox Developers Conferences between 2017 and 2020. The leaked information includes 4k unique email addresses, names, usernames, dates of birth, phone numbers, physical and IP addresses, and t-shirt sizes. 

Unauthorized Access Sale is Detected for Webhelp

A SOCRadar dark web analyst has detected a post that unauthorized access to sensitive information is being offered for sale, allegedly belonging to Webhelp, based in France. The seller claims that this data breach includes access to 500 computers, with the capability of remote access, command shell, and more. The sale is structured with a starting price of $8000, with increments of $1000, and a blitz option for $20,000. 

Database of the Czech Republic Portal is Leaked

The SOCRadar Dark Web Team has detected a post that a threat actor claims to have hacked the database of a Czech Republic portal. The leaked data allegedly contains information from 78,000 users, including fields such as ID, last name, name, address, street, PSC (postal code), municipality, telephone, fax, email, password, mobile, Facebook ID, Google ID, and confirmation token.

Multi-System Live Panel is on Sale

A SOCRadar researcher has detected a post where a threat actor claims to be selling a multi-system live panel designed for hosting scam pages, including those related to credit card fraud and one-time password (OTP) bypass. The panel is automated and offers various permissions to enable different scam types. The seller is asking for $40,000 in Bitcoin for the entire system. 

Data of an Indonesian High School are on Sale

On July 19, SOCRadar detected a post in a hacker forum where a threat actor claimed to be selling alleged data from an Indonesian high school. The data being offered for sale includes sensitive information such as full names, names of parents, email addresses, phone numbers, addresses, and possibly other details. The threat actor has provided a link to a Telegram account for potential buyers to contact them for further information or to make the purchase.

Powered by DarkMirror™

Gaining visibility into deep and dark web threats can be extremely useful from an actionable threat intelligence and digital risk protection perspective. However, monitoring all sources is simply not feasible, which can be time-consuming and challenging. One click-by-mistake can result in malware bot infection. To tackle these challenges, SOCRadar’s DarkMirror™ screen empowers your SOC team to follow up with the latest posts of threat actors and groups filtered by the targeted country or industry.