Recherche : [VirtualMacOSX.com]

10K Records Allegedly from Mac Cloud Provider’s Customers Exposed Online https://www.safetydetectives.com/news/vmosx-leak-report/

18/06/2025 09:31:40

SafetyDetectives’ Cybersecurity Team stumbled upon a clear web forum post where a threat actor publicized a database that allegedly belongs to VirtualMacOSX.com. The data purportedly belongs to 10,000 of its customers.
In a recent discovery, SafetyDetectives’ Cybersecurity Team stumbled upon a clear web forum post where a threat actor publicized a database that allegedly belongs to VirtualMacOSX.com. The data purportedly belongs to 10,000 of its customers.

What Is VirtualMacOSX.com?
According to its website, VirtualMacOSX serves 102 countries and has offered “Apple Macintosh cloud based computing since 2012. With the greatest range of cloud based Apple products and services available anywhere on the Web.”

Where Was The Data Found?
The data was found in a forum post available on the clear surface web. This well-known forum operates message boards dedicated to database downloads, leaks, cracks, and more.

What Was Leaked?
The author of the post included a 34-line sample of the database, the full database was set to be freely accessible to anyone with an account on the forum willing to either reply or like the post.

Our Cybersecurity Team analyzed a segment of the dataset to validate its authenticity. Although the data appeared genuine and we saw indicatives in invoices sent to VirtualMacOSX, we could not definitively confirm that the data belonged to VirtualMacOSX’s customers as, due to ethical considerations, we refrained from testing the exposed credentials.

The entire dataset consisted of 176,000 lines split across three separate .txt files named ‘tblcontacts,’ ‘tbltickets,’ and ‘tblclients.’

The sensitive information allegedly belonging to VirtualMacOSX’s customers included:

User ID
Full name
Company name
Email
Full physical address
Phone number
Password
Password reset key
We also saw customers’ financial data such as:

Bank name
Bank type
Bank code
Bank account
And User’s Support tickets containing:

User ID
IP Address
Full name
Email
Full Message
This type of data is critical as it might be employed by potential wrongdoers to plan and perform various types of attacks on the impacted clients.

Liens par page

Filtres