Return to forum

pompompurin · June 24, 2022 at 6:59 AM

Hello BreachForums Community,
Today I have uploaded the Astoria Company (Partial) Database for you to download, thanks for reading and enjoy!

In January 2021, over 11M unique email addresses were hacked by Night Lion Security alongside an extensive amount of personal information including names, physical and IP addresses, phone numbers and dates of birth. Some records also contained social security numbers, driver's license details, personal financial information and health-related data, depending on where the information was sourced from. Initially attributed to Astoria Company, they subsequently investigated the incident and claimed the data did not originate from their services. Vinny Troia leaked one of the files from the breach on RaidForums, which contained around 300k entries.

This breach isn't the full Astoria Breach, it only includes the "leadpp_auto.sql" which was leaked on RaidForums in 2021 when the incident occurred.

Compromised data: Bank account numbers, Credit status information, Dates of birth, Email addresses, Employers, Health insurance information, Income levels, IP addresses, Names, Personal health data, Phone numbers, Physical addresses, Smoking habits, Social security numbers

ContentsSpoiler

The .7z File's MD5 Hash is DFE09337D29D30845032C4755C02B0F7. In total, there are 346377 records. The file is 15.19GB uncompressed and 446.9MB compressed.

Hidden Content

You must register or login to view this content.

Database Index <> How To Get Credits

pompompurin · June 24, 2022 at 7:00 AM

The original RaidForums post:

hxxps://raidforums[.]com/Thread-SQL-Astoria-Company-A-Message-to-your-CEO

A message Scott Thompson, CEO of Astoria Company,

Your poor security and misconfigurations allow us to access your organisation and exfiltrate your data without detection.

Several times we email you with our offer to help clean up your mess and keep this quiet for a very reasonable fee. Each time our generous offer is ignore. Now you write a response on your website claiming we lie? No, sir. It is you that are the liars. We do not respond kindly to ungrateful executives that question our work.

Since you will not acknowledge your own incompetence, let us help you.

Your claims:

1. "Attempts to download any significant portion of data from Astoria’s database were thwarted by configuration, failsafe systems, and inherent limitations of the database server instance ... due to inherent system limitations, full dumps of the live Astoria database would not succeed."

This is laughable. There were no failsafe, only limits in MySQL network exporting. An easy problem to solve with MySQL "limit" and "offset" commands. Your database was easily dumped by exporting smaller segments.

2. "Despite repeated requests for proof that database tables were dumped"

This is another lie, Mr. Thompson. In fact we emailed you several times offering to show you proof. Each time our requests were rudely ignored. Is this how you treat others offering to help you?

Our Proof Of Your Lies

As further proof of our claim, we provide the following two files to the world:

1. Table headers from all 321 of your database tables

2. a complete dump of the leadpp_auto.sql

This file is 16g uncompressed. If full data export is not available, how did we get this?
This file has very nice TCPA notices. Too bad you don't follow your own privacy rules!

Our Offer

To show you how good our organisation is, we do not leak any of the main PII tables.

But heed our warning: if you continue to ignore us, our next post will not be so generous.

Let this message serve as a warning to those who will follow in your footsteps.
If you allow this to happen, you MUST take responsibility for your data breach. If not, we will be watching.

mrbanana · August 13, 2022 at 8:32 PM

Is this data formatted into a CSV file or is it the raw SQL file?

Thanks!