1,100,000 user credentials of Lookbook are being sold on Deep Web

Deep Web is a place where people can buy just about anything, from government documents, drugs, weapons to the top database of online platform. Recently, hackers have been providing confidential data of social media giants including MySpace, LinkedIn, Twitter, Beautiful People and VK.com.

The latest victim Lookbook.com is a website of fashion and youth culture established in San Francisco by Yuri Lee. The same group of hackers is selling 1,110,000 Lookbook users’ login credentials including email and BTC clear text password. The data is priced at 0.1519 bitcoin which equals to about 102.23 dollars. There have been already six purchase records. One of the buyers “6969” gives a feedback that it contains clear text passwords and emails of 1.1 million users, which can be used by spammers to conduct fashion-related fraud.

The screenshot above shows the data of Lookbook.com are being sold on Deep Web.

Except for the leaked data, there is another fact of destructive effect. Lookbook allows their users to use Facebook account to login, from which we can tell that the data being sold is high possible to include Facebook login credentials. For now, there is no event of Lookbook user being attacked by hackers or Facebook account being affected because of Lookbook data breach.

Users are asked to enter their email address and password before login to the website when choose “Continue with Facebook”.

At present, we don’t know for sure whether Lookbook has already been hacked or the company is aware of the fact that users’ data is damaged.