PandaBuy, a shopping platform, has suffered a significant data breach, affecting over 1.3 million users, specifically 1,348,407 accounts. Threat actors identified as "Sanggiero" and "IntelBroker" have exfiltrated sensitive information including user IDs, first and last names, phone numbers, email addresses, login IPs, full addresses, and order information. The breach has been confirmed by various sources, though there has been no official statement from PandaBuy regarding the incident. Additionally, it was reported that 35% of the breached email addresses were already in the database of Have I Been Pwned, a website that allows internet users to check whether their personal data has been compromised.