Dark Web News Analysis
Dark web news reports point to a significant data breach involving InterSport, a major international sportswear retailer. A threat actor on a hacker forum is currently offering a database for sale that purportedly contains over 2.6 million unique email addresses and associated customer records.
The breach reportedly occurred around March 15, 2025. The asking price is set at $2,000 (payable in Monero/XMR), a relatively low figure that suggests the seller aims for a quick sale. The compromised dataset is extensive, including Full Names, Phone Numbers, Physical Addresses, Loyalty Numbers, Order Details, Customer Service Interactions, and critically, PayPal Transaction Details.
Key Cybersecurity Insights
Breaches of major retailers involving loyalty and payment data create a multi-layered threat landscape for consumers:
- PayPal Phishing Vector: The inclusion of PayPal Transaction Details is highly dangerous. Scammers can use this data to send emails that look like official PayPal dispute notifications: “Transaction #12345 to InterSport for $99.00 has been flagged. Click here to verify.” Because the transaction details are real, the victim is likely to click the malicious link and surrender their PayPal credentials.
- Loyalty Program Fraud: The leak includes Loyalty Numbers. Attackers can use these to drain accrued points or discounts, selling the rewards on secondary markets. They may also use the loyalty account as a backdoor to access the user’s main profile if security is weaker on the rewards portal.
- Customer Service Social Engineering: With access to Customer Service Interactions (e.g., chat logs or emails), attackers can pose as “InterSport Support” to follow up on a past issue. They might say, “We are finally processing the refund for your complaint from March. We just need your card number to deposit the funds.”
- Credential Stuffing: With 2.6 million emails exposed, attackers will immediately test email/password combinations (if passwords were also leaked or reused) against other high-value sites like Amazon or Netflix.
Mitigation Strategies
To protect shoppers and financial accounts, the following strategies are recommended:
- PayPal Vigilance: InterSport customers should log in directly to their PayPal accounts to check for unauthorized activity. Never click links in emails claiming to be from PayPal regarding an InterSport purchase.
- Loyalty Point Audit: Users should check their InterSport loyalty balance. If points are missing, report it to customer service immediately.
- Credential Reset: Force a password reset for the InterSport account. Since the breach date is March 2025, any password used during that period is potentially compromised.
- Data Monitoring: Users should monitor their credit reports for signs of identity theft, as the leak includes names, addresses, and phone numbers—key ingredients for opening fraudulent utility or phone accounts.
Secure Your Business with Brinztech — Global Cybersecurity Solutions
Brinztech protects organizations worldwide from evolving cyber threats. Whether you’re a startup or a global enterprise, our expert solutions keep your digital assets safe and your operations running smoothly.
Questions or Feedback?
For expert advice, use our ‘Ask an Analyst’ feature. Brinztech does not warrant the validity of external claims. For general inquiries or to report this post, please email us: contact@brinztech.com