Users of the now-defunct cannabis social media platform BudTrader have been notified of a significant data breach that exposed 2.7 million email addresses, usernames, and hashed passwords. The breach was added to the “Have I Been Pwned” (HIBP) database yesterday, after the data, first put up for sale on a hacking forum in July, was shared in full with the breach alerting service.
BudTrader, which once served as a popular social networking platform specifically catering to cannabis enthusiasts, operated for several years before its shutdown. Given the platform's significant user base and niche market, the data breach has left many of its former users exposed to potential phishing attacks, identity theft, and account takeovers due to the nature of the leaked information.
Incident background
The data breach on BudTrader.com, the world's largest cannabis social media platform before its shutdown, dates back to June 27, 2024. According to details shared on a hacking forum, the breach included a comprehensive dataset of registered users spanning from 2009 to 2024. The data dump was posted by a threat actor known as “st0jke” on BreachForums on July 20, 2024. The hacker, who has an established reputation on the forum, advertised the dataset for sale at a negotiable price of $8,000.
The breach compromised 2,728,518 records, containing:
- Usernames
- Email addresses
- Password hashes (MD5)
Notably, the passwords were hashed with MD5, an outdated and fast hashing algorithm that is unsuitable for password storage because hashes produced with it can be cracked quickly on modern hardware. This leaves the original passwords open to recovery and misuse. A sample of the stolen data shared on BreachForums shows that user login details, registration dates, and other metadata were included alongside the hashed passwords.
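To make the point about MD5 concrete, the following added example (not code from the article or from BudTrader) contrasts unsalted MD5 storage with a salted, iterated password hash and shows the defensive pattern of upgrading legacy hashes transparently when a user next logs in. The account names and passwords are constructed sample data; the PBKDF2 iteration count follows the OWASP Password Storage recommendation of 600,000 for PBKDF2-HMAC-SHA256.

```python
import hashlib
import hmac
import os
from typing import Dict, List, Optional

# Constructed sample accounts (not real BudTrader data). Two users share a
# password, which is common in any large user base.
SAMPLE_ACCOUNTS = [
    ("alice", "Summer2024!"),
    ("bob", "Summer2024!"),
    ("carol", "correct horse battery staple"),
]

PBKDF2_ITERATIONS = 600_000  # OWASP guidance for PBKDF2-HMAC-SHA256


def md5_hash(password: str) -> str:
    """Unsalted MD5, the scheme reported in the breach: fast and deterministic,
    so identical passwords yield identical hashes and a single precomputed
    table matches every account at once."""
    return hashlib.md5(password.encode("utf-8")).hexdigest()


def pbkdf2_record(password: str, iterations: int = PBKDF2_ITERATIONS,
                  salt: Optional[bytes] = None) -> str:
    """Salted, iterated hash stored as 'pbkdf2$<iterations>$<salt>$<digest>'.
    A fresh 16-byte salt per user means equal passwords no longer collide,
    and the iteration count makes each guess expensive."""
    salt = salt if salt is not None else os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return "$".join(["pbkdf2", str(iterations), salt.hex(), digest.hex()])


def pbkdf2_verify(password: str, record: str) -> bool:
    """Recompute the digest from the stored salt and compare in constant time."""
    scheme, iterations, salt_hex, digest_hex = record.split("$")
    if scheme != "pbkdf2":
        raise ValueError("unsupported record format")
    candidate = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), bytes.fromhex(salt_hex), int(iterations)
    )
    return hmac.compare_digest(candidate, bytes.fromhex(digest_hex))


def duplicate_hash_groups(table: Dict[str, str]) -> Dict[str, List[str]]:
    """Group usernames by identical stored value. With unsalted MD5 this
    immediately exposes which accounts share a password; with per-user salts
    the groups are empty even for equal passwords."""
    groups: Dict[str, List[str]] = {}
    for user, stored in table.items():
        groups.setdefault(stored, []).append(user)
    return {h: users for h, users in groups.items() if len(users) > 1}


def upgrade_on_login(username: str, password: str,
                     legacy_md5: Dict[str, str], modern: Dict[str, str]) -> bool:
    """Login handler that migrates a legacy MD5 entry to PBKDF2 the first time
    the user authenticates successfully. Plaintext is only available at login,
    so this is the standard way to retire a weak scheme without a reset."""
    if username in modern:
        return pbkdf2_verify(password, modern[username])
    stored = legacy_md5.get(username)
    if stored is None:
        return False
    if not hmac.compare_digest(md5_hash(password), stored):
        return False
    modern[username] = pbkdf2_record(password)  # re-hash with salt and iterations
    del legacy_md5[username]                     # drop the weak hash
    return True


def compare_schemes() -> Dict[str, object]:
    """Build both tables from the sample accounts and report the difference."""
    md5_table = {u: md5_hash(p) for u, p in SAMPLE_ACCOUNTS}
    pbkdf2_table = {u: pbkdf2_record(p) for u, p in SAMPLE_ACCOUNTS}
    return {
        "md5_duplicates": duplicate_hash_groups(md5_table),
        "pbkdf2_duplicates": duplicate_hash_groups(pbkdf2_table),
    }


if __name__ == "__main__":
    print(compare_schemes())
    legacy = {u: md5_hash(p) for u, p in SAMPLE_ACCOUNTS}
    upgraded: Dict[str, str] = {}
    print(upgrade_on_login("alice", "Summer2024!", legacy, upgraded), "alice" in upgraded)
```

Running it shows that alice and bob collapse to one MD5 value, while their PBKDF2 records differ and each still verifies; the migration handler then moves alice's entry out of the legacy table on her first successful login. A site still holding MD5 hashes should pair this rolling migration with a forced reset for accounts that do not log in within a set window.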
HIBP sending out notifications
The breach was officially added to HIBP yesterday, so impacted users were alerted via email that their personal data had been compromised in a security breach. In a tweet from HIBP's official Twitter account, it was revealed that 13% of the affected email addresses were already in their database, with roughly 2,350,000 credential pairs exposed for the first time.
Recipients of these alerts are recommended to take the following actions:
- If you used the same password on BudTrader as on other platforms, change your passwords across all sites and ensure they are unique and strong.
- Where possible, enable 2FA on your accounts to add an additional layer of security.
- Stay alert for phishing emails or messages, as exposed email addresses might be used in targeted campaigns.
- To generate and store complex passwords securely, consider using a reputable password manager.