fotoy.co.kr, a South Korean photography and community platform, has reportedly been compromised, resulting in the exposure of sensitive user records. A threat actor posted a downloadable database on a cybercrime forum, claiming it belongs to the site. The leak appears to affect registered members, administrators, and general users of the platform.
According to the sample data released by the actor, the compromised information appears to be a complete dump of the user table (mb_member), containing Personally Identifiable Information (PII). The allegedly compromised data includes:
-
Full names
-
User IDs and Nicknames
-
Email addresses
-
Hashed passwords (likely MySQL hash format)
-
Mobile phone numbers
-
Physical addresses
-
IP addresses
-
Timestamps (registration and login dates)
Daily Dark WebRead More
R1
T1
