Cyber Incident Victim: Fotolog

In December 2020, a data breach broker advertised the sale of 368.8 million user records allegedly stolen from 26 companies on a hacker forum, as reported by BleepingComputer. Fotolog.com was among the affected entities, with 33 million user records listed for sale alongside companies like Teespring, MyON, and Netlog. The broker categorized Fotolog’s breach as previously disclosed, linking it to a prior BleepingComputer article about stolen account sales. This incident formed part of a broader pattern where threat actors collaborated with brokers to monetize stolen databases through dark web marketplaces. The Fotolog data was grouped with other high-volume breaches, including Pizap (60 million records) and Netlog (53 million records), though no specific pricing was mentioned for Fotolog’s dataset. Historical context indicated Fotolog’s data had circulated in earlier dark web sales, such as a 2017 incident involving 127 million accounts.

The broker’s advertisement did not specify intrusion methods for Fotolog but emphasized the aggregated scale of the 26-company dataset. BleepingComputer’s investigation confirmed Fotolog’s breach status through prior disclosures but did not receive new statements from Fotolog regarding this specific listing. Impacts included potential credential-stuffing attacks and phishing risks, as observed with Teespring users receiving malicious emails post-breach. No forensic details about Fotolog’s compromised systems or data types were provided in the article, unlike MyON’s confirmed exposure of hashed passwords and names. The broker’s operation highlighted the persistent recycling of historical breaches for financial gain, with Fotolog’s 33 million records representing a significant portion of the 368.8 million total records offered. Companies like MyON and Chqbook issued conflicting breach acknowledgments, but Fotolog’s response remained unaddressed in the report.