A threat actor going by the alias Sophia01 has allegedly listed for sale a database belonging to 10ngah.com, an online shopping platform based in South Africa.
The advertisement, spotted on a dark web forum, claims that the database contains over 140,000 records of customer information. The exposed details reportedly include:
- Full names
- Email addresses
- Passwords (hashed)
- Phone numbers
- Birth dates
- Physical addresses
From the sample data shared, the leak appears to expose both personal and contact information of South African consumers, raising concerns about the potential misuse of this data for phishing, identity theft, and fraud.
The database is being offered directly through the seller’s Telegram handle, further indicating that cybercriminal networks are actively facilitating transactions involving sensitive consumer data.
This incident highlights the growing risks faced by African e-commerce platforms, as attackers increasingly target online shopping databases for financial gain.