Domaine-Legal is a French platform that connects clients and advocates “in the best place, best moment and the best tariff” as per website.
On January 2022 hacker under alias “vinsentromanovych”, has shared on a popular underground forum database that allegedly belongs to the French company.
Interestingly, hacker provides a supporting message where he claims no one in Domaine Legal “cares about data privacy, specially the guys owning this platform, I am giving it away.”. Kaduu Team supposes that hacker might have contacted the website owners and didn’t get reply, although it stays only a theory.
As hacker describes file himself:
“The breach date from the end of 2020/02 although not that fresh they are still extremely valuable. It is the whole dump of their production database at the time. Therefore it contained all their cases at the time, exchanges with the counselor in the web application. Contact of the customers, partner lawyers.
- There is a total of approximately more than 7000 customers. Contacts are off course detailed.
- 6838 prospects and their detailed contact
- The reason of their legal advice support in different tables depending on the communication channel (it seems at first glance)
- Payments details
- Passwords are hashed and encrypted (at least)
- There are many more tables in the database to explore extensively”