A hacker has leaked to dark forum databases, exposing more than 386 million user files, which are said to have been stolen from 18 Companies, after the violations data. As of July 21, a seller of stolen goods data which is known in Internet as a ShinyHunters, began leaking corporate databases for free to a hacking forum known for selling and sharing stolen data. Many of the companies affected are unaware of the breach and leak.
ShinyHunters is responsible for a wide variety of data breaches that occurred in 2019, including those Wattpad, Dave, Chatbooks, Promo.com, Mathway, HomeChef, and the GitHub Private Repository breach of Microsoft.
Databases stolen in infringements are usually sold first privately, at prices ranging from $ 500 to $ 100.000. In addition, when databases no longer offer any benefit to threatening agents, they usually publish them in hacking forums to increase the reputation of their community.
Nine of the databases released since July 21 have already been revealed in some way in the past. The other nine though, including Havenly, Indaba Music, Ivoy, Proctoru, Rewards1, Scentbird and Vakinha, not previously disclosed. The companies that have been breached and affected by the leak are the following:
|Company||User Records||Reported Breach Date||Known?|
|Chatbooks.com||15.8 million||March 26th, 2020||Yes|
|Dave.com||7 million||July 2020 *||Yes|
|Drizly.com||2.4 million||July 2020 *||No|
|GGumim.co.kr||2.3 million||March 2020 *||Yes|
|Havenly.com||1.3 million||June 2020 *||No|
|Mathway.com||25.8 million||January 2020 *||Yes|
|Promo.com||22 million||July 2020||Yes|
|Rewards1.com||3 million||July 2020 *||No|
|Wattpad||270 million||June 2020 *||Yes|
|* Based on threat actor's statements|
From the samples displayed in these databases, the addresses e-mail leaked, appear to correspond to accounts belonging to these services. In total, the databases expose more than 386 million user files. Although millions are not included in the millions of files Password, there is a lot of other information on display and therefore, agents can use it threats.
The answer given by the hacker "ShinyHunters" to Bleeping Computer, when asked the reason that led him to the leak of all these databases, is particularly impressive. Specifically, the hacker stated that the leak was done "for the benefit of all".
The companies that allegedly suffered data breaches have not yet commented on the matter. In general, it is a common phenomenon when it is published that a company has suffered infringement do not comment, and it can usually take weeks or even months to confirm the incident.
Users of violated services are advised to change their site password immediately. Also, if they use the same password on other sites, they will have to change the password on them as well, setting a unique and strong password, which they will use only on this site.
Using unique passwords prevents a site breach from affecting users on other sites that they may use. Finally, when it comes to passwords, it is still recommended to use one password manager application.