LiveAuctioneers

LiveAuctioneers operates an online auction platform based in the United States, facilitating transactions for various collectibles and goods. The service serves a substantial user base, with a documented incident in mid-2020 confirming the exposure of personal data belonging to approximately 3.4 million individuals. This breach occurred through unauthorized access via an unnamed third-party data processing partner, leading to the theft of a comprehensive user database. The compromised information included email addresses, usernames, MD5-hashed passwords, names, phone numbers, physical addresses, IP addresses, and linked social media profiles. Following the discovery that a significant portion of the password hashes had been cracked, the company implemented a mandatory password reset for all users and issued warnings about potential phishing threats. The incident was publicly acknowledged by LiveAuctioneers, which attributed the security failure to its external processor, though it did not independently verify all technical details of the data's exfiltration or encryption weaknesses reported elsewhere.

A separate security event in late 2020 further implicated the organization when the threat actor ShinyHunters publicly dumped databases from multiple companies, including LiveAuctioneers, on a Russian-language forum. This leak stemmed from a forum dispute and was briefly available before removal. It remains unclear whether LiveAuctioneers was directly breached in this instance or if the data originated from the earlier June incident or another shared source. The cumulative effect of these events highlights a persistent vulnerability associated with the organization's reliance on external data handlers, as both major incidents involved third-party access points. The publicly available information does not specify the company's ownership structure, parent entities, or other distinguishing market specializations beyond its role as an online auction intermediary. The documented breaches represent the most significant and verifiable context for understanding the organization's operational scale and historical security posture.