publication
2025-11-04 06:00
There was a data leak from the sky-shop.pl platform, which is used by thousands of stores. As a result, customer data from 9,000 stores fell into the wrong hands. Specialists recommend that you reserve your PESEL numbers. In recent days, a fake SGB bank application and attempted attacks using the image of the Ministry of Digitization have also appeared.
The Niebezpiecznik website described the incident in detail on the sky-shop.pl platform. Store owners received information about the leak of customer data. These include name and surname, e-mail address, mailing address, telephone number and password hashes. The cause was said to be a rare error in the web component. The leak concerns people who created accounts in stores. According to this information, shopping without registration was not within the burglar's reach. Niebezpiecznik experts recommend changing the password in a given store and everywhere where it was the same. It is also worth considering blocking the PESEL number (to prevent, for example, an attempt to obtain a duplicate SIM card).
– The attacker downloaded data packages containing the following data: name and surname, e-mail, telephone number, postal address, invoicing data, information about the domain of the store to which the account is assigned and the password hash if it was set – reports one of the stores.
“The attacker did not gain access to, among others, order history, payment card details, bank account numbers and the passwords themselves. The password hash used in the system we use significantly minimizes the risk of guessing the password on its basis, but does not exclude such a possibility. Therefore, if you have an account in our store, we recommend changing the password used in our store, as well as in all other places where the same password was used.” – we read in the correspondence sent to customers.
This is not the only attack of the past week
CSIRT KNF, in turn, warned against a malicious application impersonating SGB Bank. The goal is to steal card data and funds. The application is distributed outside the official store. Criminals trick victims into installing and granting permissions. This “update” is actually malware. If you installed something from outside Google Play, uninstall it, scan your device and block the card.
Local government units were also targeted, where messages stylized as the correspondence of the Ministry of Digitization were sent. According to CERT, inside there was an XLSX sheet with a link that led to an executable file. Once launched, the virus infected the computer. The government website confirmed the warning. He indicated that the target were local government units and that the impersonation also concerned Deputy Minister Paweł Olszewski. If such an e-mail has been received by the office, do not open the attachment and do not click on the links.
How not to fall for the bottle?
Do not click on links from SMS messages about expiration of access or “underpayment of PLN 1”. The bank does not ask for card details in or outside the application. The Ministry does not send .exe files in a spreadsheet. The store does not ask you to re-register via the link from the advertisement. Verify domain and certificate.
Data leakage is not just about spam. This is the risk of hacking into your accounts by recovering passwords. These are “courier” and “additional payment” attacks. These are fake calls from the “bank” quoting your real details. Ignore every such call and call back the number from the bank's official website.
