The relevance of the data array that has become publicly available refers to the period from the beginning of 2019 to June 2021, Izvestia was told in the Best2pay service. They clarified that the stolen database does not contain full card data (only a mask – the first six and last four digits of the card) and other payment details.
“In December 2022, our company’s information systems were subjected to a planned attack using a compromised corporate account of one of our contractors working in an isolated test environment. With its use, a test reporting system was compromised, ”the service explained.
Information about the database leak began to spread on January 31st. According to the in2security Telegram channel, the published file contains 1 million lines, including the full name, a fragment of the card number (the first six and last four digits), the date, amount and purpose of the payment, as well as email addresses and phone numbers of service users. According to messages in the Telegram channel, the database contains 824,000 unique phone numbers and 204,000 unique bank cards. According to the channel, the leak is more recent – the latest information is dated January 28, 2023.
Read more in the exclusive Izvestia article:
Better not leak: Best2pay reveals details of customer data leak
