Regpack

What Happened

In July 2016, a tweet was posted with a link to an alleged data breach of BlueSnap, a global payment gateway and merchant account provider. The data contained 324k payment records across 105k unique email addresses and included personal attributes such as name, home address and phone number. The data was verified with multiple Have I Been Pwned subscribers who confirmed it also contained valid transactions, partial credit card numbers, expiry dates and CVVs. A downstream consumer of BlueSnap services known as Regpack was subsequently identified as the source of the data after they identified human error had left the transactions exposed on a publicly facing server. A full investigation of the data and statement by Regpack is detailed in the post titled Someone just lost 324k payment records, complete with CVVs.

Compromised Data

Browser user agent details
Credit card CVV
Email addresses
IP addresses
Names
Partial credit card data
Phone numbers
Physical addresses
Purchases

Recommended Actions

Monitor for Suspicious Activity

Watch for unusual login attempts, spam and phishing emails.

1Password

Use 1Password to generate and store strong, unique passwords for all your accounts.

Try 1Password

Breach Overview

  • Affected Accounts:

    105 thousand

  • Breach Occurred:

    May 2016

  • Added to HIBP:

    13 Sep 2016

Recommended Actions

Change Your Password

If you haven't changed your Regpack password since 2016, do so immediately.

Enable Two-Factor Authentication

Add an extra layer of security to your account.

Check Other Accounts

If you used the same password elsewhere, change those too.

Monitor for Suspicious Activity

Watch for unusual login attempts or messages from your account.

1Password

Use 1Password to generate and store strong, unique passwords for all your accounts.

Try 1Password