Dark Web News Analysis
Dark web reports indicate a potential data breach involving ePRICE, a well-known Italian e-commerce platform. A threat actor on a hacker forum is actively selling a database allegedly containing 229,732 user records.
The seller is asking for a relatively low price of $250 and claims to be selling the dataset “ONLY ONCE,” a tactic often used to create artificial urgency. The breach is claimed to have occurred on December 23, 2025. The compromised fields include Usernames, Full Names, Phone Numbers, Cart/Favorite Counts, and critically, Session-Related Cookies.
Key Cybersecurity Insights
While the volume of data is moderate, the inclusion of technical session data changes the threat landscape significantly:
- Session Hijacking (The Cookie Threat): The most dangerous field in this leak is the cookies_header. If these session cookies are valid and not expired, attackers can import them into their browsers to bypass login screens and Multi-Factor Authentication (MFA) entirely. This grants them immediate access to user accounts as if they were the legitimate owner.
- Shopping Pattern Profiling: The exposure of Cart and Favorite Counts provides attackers with behavioral data. They can identify active shoppers or high-value targets (those with many expensive items in their cart) to prioritize for phishing or fraud.
- Date & Credibility Anomalies: The claimed breach date (December 23, 2025) was flagged in initial reports as potentially being “future-dated” relative to when the leak first appeared, or simply inconsistent with the data’s age. This, combined with the low price of $250, suggests the data could be older, fabricated, or dumped from a test environment rather than a live production database.
- Identity Theft & Smishing: With access to Phone Numbers and Full Names, attackers can launch targeted SMS phishing (Smishing) campaigns in Italian, posing as ePRICE support regarding a “problem with your recent cart items” to steal credit card details.
Mitigation Strategies
To protect user accounts and validate the breach, the following strategies are recommended:
- Session Invalidation: ePRICE administrators should immediately invalidate all active user session tokens. This will forcibly log out all users and render the stolen cookies useless.
- Cookie Clearing: Users should be advised to clear their browser cookies and cache to ensure no lingering session data can be exploited.
- Credential Rotation: Although passwords were not explicitly highlighted as “plaintext” in the sample, a password reset is strongly recommended as a precaution against credential stuffing.
- Source Verification: The IT security team must verify whether the data matches live production records. The “cart count” is a unique metric: checking whether specific users actually had those exact item counts on December 23rd will quickly confirm the leak’s authenticity.
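The Source Verification check above, sketched as an added example (not part of the original post and not ePRICE tooling). The sample rows, the snapshot schema and all function names are constructed for illustration; it assumes a production snapshot restored for the claimed breach date is available.

```python
from collections import Counter

# Constructed sample rows in the advertised shape:
# (username, phone, cart_count, favorite_count). Not real data.
LEAKED_SAMPLE = [
    ("mario.rossi", "+39 333 1234567", 3, 12),
    ("Giulia_B", "3339876543", 0, 4),
    ("test_user_01", "0000000000", 99, 99),
    ("l.ferrari", "+393471112223", 1, 0),
]

# Constructed stand-in for a production snapshot restored for the claimed
# breach date, keyed by lower-cased username (hypothetical schema).
SNAPSHOT = {
    "mario.rossi": {"phone": "+393331234567", "cart": 3, "favorites": 12},
    "giulia_b": {"phone": "+393339876543", "cart": 0, "favorites": 4},
    "l.ferrari": {"phone": "+393471112223", "cart": 2, "favorites": 0},
}


def _digits(value):
    return "".join(ch for ch in value if ch.isdigit())


def same_phone(a, b):
    """Compare on trailing digits so '+39' prefixes and spacing do not hide a match."""
    short, long_ = sorted((_digits(a), _digits(b)), key=len)
    return len(short) >= 9 and long_.endswith(short)


def classify(row, snapshot):
    username, phone, cart, favorites = row
    record = snapshot.get(username.strip().lower())
    if record is None:
        return "unknown_user"      # fabricated, test data, or deleted account
    if not same_phone(phone, record["phone"]):
        return "username_only"     # weak evidence: usernames are guessable
    if (cart, favorites) == (record["cart"], record["favorites"]):
        return "exact"             # consistent with the claimed breach date
    return "identity_only"         # real user, counts from another point in time


def summarize(sample, snapshot):
    return Counter(classify(row, snapshot) for row in sample)


if __name__ == "__main__":
    for label, count in summarize(LEAKED_SAMPLE, SNAPSHOT).items():
        print(f"{label}: {count}/{len(LEAKED_SAMPLE)}")
```

A high share of "identity_only" rows points to genuine but older data, while mostly "unknown_user" rows point to a fabricated or test-environment dump.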
Questions or Feedback?
For expert advice, use our ‘Ask an Analyst’ feature. Brinztech does not warrant the validity of external claims. For general inquiries or to report this post, please email us: contact@brinztech.com