Hackers of a group called DeleteSec have breached the systems of SPIROL International, a US and European manufacturer and distributor of pins, inserts, and brass nuts for plastic components.
Cyber War News has analyzed the leaked data and found the email addresses of over 70,000 of the company’s customers. 886 of the records also contain passwords.
Other files contain the names of 31,123 companies along with 26,856 email addresses. The list includes some major names, such as Ford, GM, Boeing, Tesla, and Harley Davidson.
96 usernames, email addresses, and associated passwords (in clear text) have also been leaked.
The hackers have told CWN that they’ve leveraged an SQL Injection in the news section of the site to gain access to the data. DeleteSec said the company had learned of the breach before the data was published online. The files were leaked after SPIROL allegedly threatened to have the hackers arrested.
At the time of writing, SPIROL’s website is offline, which suggests that the company is aware of the breach. I’ve reached out to the organization to see if they want to comment on the incident. This post will be updated if they respond to my inquiry.