SPhero, a company based in Hong Kong, has experienced a significant data breach that has resulted in personal information belonging to over a million teachers and students being compromised. According to a report by SafetyDetectives, sensitive data belonging to Sphero users was stolen and subsequently published on the internet. However, the Privacy Commissioner for Personal Data (PCPD) stated that the company had not reported the incident to them.
It was announced on a dark web forum that SPhero’s data had been leaked. Experts from SafetyDetectives believe that the hacker exploited multiple vulnerabilities in SPhero’s security system, allowing them to gain access to confidential information. The exact number of users and files within the compromised database has not been disclosed on the forum, although one participant mentioned that there were 1,001,393 data entries.
The leaked data on the dark web includes users’ full names, email addresses, dates of birth, profile pictures, job positions, locations, and biographies.
The PCPD has stated that they will be reaching out to Sphero to determine if the company operates in Hong Kong and if the data of Hong Kong users have been affected. Sphero’s official website indicates that their international office is located in the Kwai Fong area, with a warehouse also present in the USA.
SafetyDetectives has warned that the leaked data could be utilized for fraudulent purposes or identity theft. The SafetyDetectives team has contacted Sphero, providing them with a link to the data leak, perhaps in an effort to confirm its authenticity, and is currently awaiting a response from the company.