Zlgoon Inc., a prominent Online-to-Offline (O2O) company in South Korea, has allegedly suffered a significant data breach. The company, known as a leading provider of mobile coupons for the popular messaging app KakaoTalk, is at the center of a security incident after a threat actor advertised a database containing the records of 1.1 million customers for sale on a hacking forum. Zlgoon plays a crucial role in the digital commerce ecosystem, processing customer, store, and brand information for its integrated mobile coupon platform used across various channels.
The threat actor claims the database was “dumped this week” and is being offered as an exclusive sale for $1500. The compromised information allegedly contains a wide range of personally identifiable information (PII) that could expose users to various online threats, including identity theft and phishing attacks. The seller provided a sample of the data to prove the authenticity of the leak.
The leaked data allegedly includes the following:
- Member ID
- Phone numbers
- Operating system code
- Registration path
- Social media ID
- Nickname
- Email addresses
- Birthdate
- Gender
- Passwords
- Profile photo URL
- Greeting message
- Join date
