Evap.ma, a Moroccan e-cigarette retailer, has reportedly suffered a data breach exposing sensitive customer information. The threat actor published a dataset allegedly containing login details of around 100 Evap.ma customers. The exposed information allegedly includes names, usernames, email addresses, and passwords. While the passwords appear encrypted, the attackers claimed that many still function, raising serious concerns about weak or improperly secured credentials.
The breach reportedly also included the login details of an administrator account.