Dark Web News Analysis
A threat actor has leaked a database on a prominent cybercrime forum, claiming it was stolen from the UK-based company Solware. The post goes beyond a dump of user records: the attacker has also published the complete schema of the “livesole” database, including the names of all 230 tables, which tells anyone reading the forum how the company’s data is organised and where the most valuable records are likely to sit.
The leak contains customer email addresses, telephone numbers, and the corresponding password hashes and salts. Hashing passwords is standard practice, but once the hashes and their salts are public, attackers can run offline cracking against them at whatever speed their hardware allows, with no account lockout or rate limit in the way. Per-user salts defeat precomputed (rainbow-table) attacks and force each account to be attacked separately; they do nothing to protect an individual who chose a common or weak password, because a dictionary attack simply recomputes the hash for each candidate with that account’s salt. How quickly the passwords fall depends on the hash function, which the forum post does not identify: a fast general-purpose hash such as MD5 or SHA-1 can be tried billions of times per second on commodity GPUs, whereas a deliberately slow password hash such as bcrypt, scrypt or Argon2 raises the attacker’s cost by orders of magnitude but still does not save trivially guessable passwords.
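To make the offline-cracking point concrete, here is an added example (not code from the original report, and not Solware’s code) that runs a per-account dictionary attack against a handful of constructed (email, salt, hash) rows. The leak post does not state Solware’s hash algorithm, so the example assumes a fast SHA-256 over salt plus password; the wordlist, the sample accounts and their passwords are all invented. It also times one PBKDF2-HMAC-SHA256 guess at OWASP’s recommended 600,000 iterations against the fast hash, to show what a proper password hash buys the defender.

```python
import hashlib
import time

# Constructed sample, not the real Solware data. The leak post does not say which
# hash function Solware used, so a fast SHA-256 over (salt || password) is ASSUMED
# here to show why per-user salts alone do not stop per-account dictionary attacks.
def fast_hash(salt: str, password: str) -> str:
    return hashlib.sha256((salt + password).encode()).hexdigest()

# Invented wordlist; real attacks use lists of millions of known passwords plus
# mangling rules (appending years, swapping letters for digits, and so on).
SAMPLE_WORDLIST = ["123456", "password", "qwerty", "letmein", "Summer2024", "solware1"]

def build_sample_leak():
    """Three invented (email, salt, hash) rows: two weak passwords, one strong one."""
    rows = [
        ("alice@example.com", "9f1c", "Summer2024"),
        ("bob@example.com", "a7e2", "letmein"),
        ("carol@example.com", "3b0d", "T9#vq!Lw2pZr$8mK"),
    ]
    return [(email, salt, fast_hash(salt, pw)) for email, salt, pw in rows]

def crack(rows, wordlist):
    """Offline per-account dictionary attack.

    Each salt differs, so no work is shared between accounts and rainbow tables are
    useless, but every account still costs at most len(wordlist) hash computations.
    Returns the recovered (email -> password) pairs and the total hashes computed.
    """
    recovered, guesses = {}, 0
    for email, salt, digest in rows:
        for candidate in wordlist:
            guesses += 1
            if fast_hash(salt, candidate) == digest:
                recovered[email] = candidate
                break  # move on to the next account; a strong password never matches
    return recovered, guesses

def slow_vs_fast_ratio(fast_trials: int = 1000) -> float:
    """Seconds per guess with PBKDF2-HMAC-SHA256 at 600,000 iterations (the OWASP
    Password Storage Cheat Sheet figure for PBKDF2) divided by seconds per guess with
    the fast hash. The ratio is the factor by which a slow password hash multiplies
    the attacker's cost per candidate; weak passwords are still recoverable."""
    salt, pw = b"9f1c", b"Summer2024"
    t0 = time.perf_counter()
    for _ in range(fast_trials):
        hashlib.sha256(salt + pw).hexdigest()
    fast = max((time.perf_counter() - t0) / fast_trials, 1e-9)
    t0 = time.perf_counter()
    hashlib.pbkdf2_hmac("sha256", pw, salt, 600_000)
    slow = time.perf_counter() - t0
    return slow / fast

if __name__ == "__main__":
    recovered, guesses = crack(build_sample_leak(), SAMPLE_WORDLIST)
    print(f"recovered {len(recovered)} of 3 accounts in {guesses} hash computations")
    for email, pw in recovered.items():
        print(f"  {email}: {pw}")
    print(f"one PBKDF2 guess costs roughly {slow_vs_fast_ratio():.0f}x one SHA-256 guess")
```

Run as a script, the two weak passwords fall after fifteen hash computations in total while the strong one survives the whole wordlist; the timing ratio shows that a slow password hash makes each of those computations hundreds of times more expensive, which is exactly why the unknown hash algorithm matters so much for how many Solware customers are actually exposed.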
The primary and most immediate danger is that attackers will use the recovered email and password pairs in widespread, automated credential stuffing attacks against other, more valuable online services.
Key Cybersecurity Insights
This data leak presents several immediate and severe threats:
- High Risk of Widespread Credential Stuffing Attacks: This is the most critical danger. Because password reuse is extremely common, attackers will take the list of emails and cracked passwords from this breach and use automated bots to test them against thousands of other websites, including banking, e-commerce, social media and corporate accounts. Any account where a user reused their Solware password is at immediate high risk of takeover.
- Full Database Schema Leak Points to Broad Database Access: Publishing all 230 table names is a major red flag, but it should be read carefully. Enumerating a schema does not by itself prove the attacker controlled the database server: an ordinary SQL injection flaw with read access to the database’s metadata (information_schema) will list every table and column, and automated injection tooling does exactly that. What the schema leak does establish is that the attacker had read access across the whole database rather than to a single user table, so the scope of what was exfiltrated may be far wider than the published sample. The blueprint also benefits other attackers: table and column names hint at where payment, order and session data live and at how the application is built, making follow-on attacks easier to target.
- Severe UK GDPR and Data Protection Act Exposure: As a company operating in the United Kingdom, Solware is subject to the UK GDPR and the Data Protection Act 2018. Exposure of customer contact details and credentials is a personal data breach that must be reported to the Information Commissioner’s Office (ICO) within 72 hours of the company becoming aware of it, and affected individuals must be informed without undue delay where the breach is likely to result in a high risk to them. Beyond the reputational damage, the ICO can impose fines of up to £17.5 million or 4% of annual worldwide turnover, whichever is higher; the actual penalty will depend on what the ICO finds about the security measures Solware had in place.
Mitigation Strategies
In response to a data breach of this nature, the company and its customers must take immediate and decisive action:
- Launch Full-Scale Incident Response and Assume Total Compromise: Solware must assume a critical breach has occurred and immediately engage a professional digital forensics and incident response (DFIR) firm. Their top priorities must be to validate the breach against the leaked sample, preserve logs and system images as evidence before remediation alters them, identify and close the vulnerability that was exploited, determine the full scope of the data that was accessed (the schema leak suggests far more than the user table may have been readable), and meet the legal obligations to notify the ICO within 72 hours and all affected customers.
- Mandate Immediate Password Reset and Enforce MFA: This is the most direct and urgent defense against the leaked credentials being used. Solware must invalidate all existing password hashes, active sessions, API tokens and outstanding password-reset links, and force a mandatory password reset for all customers, storing the new passwords with a modern slow password hash (bcrypt, scrypt or Argon2id) if that was not already the case. They should also monitor authentication logs for credential stuffing against their own login, since the leaked list will be tried back against Solware too. Finally, they must strongly encourage or, ideally, enforce Multi-Factor Authentication (MFA), preferably app- or hardware-based rather than SMS, so that accounts stay protected even if future passwords are stolen.
- Customers Must Assume Credential Compromise and Change All Reused Passwords: All customers of Solware must operate under the assumption that their password is now in the hands of criminals. Their most urgent task is to identify every other online account (personal email, banking, social media, etc.) where they used the same or a similar password as their Solware account and change it immediately to a new, strong, and unique password. “Similar” includes predictable variants such as an appended digit or year, because cracking tools apply exactly those mangling rules; a password manager is the practical way to keep every account unique.
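The credential stuffing risk described in the insights above and the forced-reset step in the mitigations both rest on being able to recognise stuffing in the authentication logs. The following added example (not from the original report, and not Solware’s code) runs a simple detector over a constructed sample log: it flags any source address that tries many distinct usernames with a low success ratio inside a short window, and returns the accounts that did log in from such a source, which are the ones to force-reset and review first. The log format, the thresholds and the addresses (RFC 5737 documentation ranges) are assumptions chosen for the illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample auth log, not real Solware telemetry. The line format is an
# assumption: ISO-8601 timestamp, source IP, username, and a SUCCESS/FAIL result.
# 203.0.113.0/24 and 198.51.100.0/24 are documentation ranges (RFC 5737).
SAMPLE_LOG = """\
2024-05-02T10:00:01Z ip=203.0.113.7 user=alice@example.com result=FAIL
2024-05-02T10:00:02Z ip=203.0.113.7 user=bob@example.com result=FAIL
2024-05-02T10:00:02Z ip=203.0.113.7 user=carol@example.com result=FAIL
2024-05-02T10:00:03Z ip=203.0.113.7 user=dave@example.com result=SUCCESS
2024-05-02T10:00:03Z ip=203.0.113.7 user=erin@example.com result=FAIL
2024-05-02T10:00:04Z ip=203.0.113.7 user=frank@example.com result=FAIL
2024-05-02T10:00:10Z ip=198.51.100.9 user=grace@example.com result=FAIL
2024-05-02T10:00:25Z ip=198.51.100.9 user=grace@example.com result=FAIL
2024-05-02T10:00:40Z ip=198.51.100.9 user=grace@example.com result=SUCCESS
2024-05-02T10:05:00Z ip=198.51.100.22 user=heidi@example.com result=SUCCESS
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) ip=(?P<ip>\S+) user=(?P<user>\S+) result=(?P<result>SUCCESS|FAIL)$"
)

def parse(log_text):
    """Turn log lines into (timestamp, ip, user, succeeded) tuples, skipping
    malformed lines so one bad record cannot take the detector down."""
    events = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        ts = datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%SZ")
        events.append((ts, m["ip"], m["user"], m["result"] == "SUCCESS"))
    return events

def detect_stuffing(events, window=timedelta(minutes=5), min_users=5, max_success_ratio=0.2):
    """Credential stuffing signature: one source spraying many *distinct* usernames
    with a low success ratio inside a short window. A legitimate user mistyping
    their own password (one username, a few failures, then success) does not match.

    Returns {source_ip: [accounts that logged in successfully from that source]};
    those accounts are the ones to force-reset and investigate first.
    """
    by_ip = defaultdict(list)
    for ts, ip, user, ok in events:
        by_ip[ip].append((ts, user, ok))
    flagged = {}
    for ip, evs in by_ip.items():
        evs.sort()
        start = 0
        for end in range(len(evs)):
            # slide the window start forward until all events fit inside `window`
            while evs[end][0] - evs[start][0] > window:
                start += 1
            window_evs = evs[start:end + 1]
            users = {u for _, u, _ in window_evs}
            successes = [u for _, u, ok in window_evs if ok]
            if len(users) >= min_users and len(successes) / len(window_evs) <= max_success_ratio:
                flagged[ip] = sorted(set(successes))
    return flagged

if __name__ == "__main__":
    for ip, compromised in detect_stuffing(parse(SAMPLE_LOG)).items():
        print(f"credential stuffing from {ip}; accounts to force-reset: {compromised}")
```

On the sample, 203.0.113.7 is flagged with dave@example.com as the account to reset, while grace@example.com’s three attempts from one address are correctly treated as a user retyping a password. Real stuffing campaigns spread their attempts across large proxy or residential IP pools to stay under per-address thresholds, so in production the same logic should also be grouped by network (ASN), user agent or TLS fingerprint, and the thresholds tuned against a baseline of normal login behaviour.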
Questions or Feedback? Brinztech provides cybersecurity services worldwide and does not endorse or guarantee the accuracy of external claims. For any inquiries or to report this post, please email: contact@brinztech.com