A Dark Web Data Broker Is Selling User Records Coming From 14 Companies

Written by Bill Toulas
Last updated September 25, 2021

A stolen data broker is offering millions of user records taken from data breaches that allegedly happened in 2020. The information is the result of exfiltrating the databases found in the compromised systems of 14 firms, four of which have already admitted a security incident in May, when "Shiny Hunters" put up their user details for sale on the dark web. The following table provides an overview of what has been put up for sale this time. It's important to clarify that the data broker is selling the below individually, setting the cost between $100 and $1,100.


Source: Bleeping Computer

As for what type of data is included in each offering, this depends on the database. In general, there are usernames, email addresses, hashed passwords, home addresses, full names, social media profiles, and phone numbers. The implications for the exposed individuals range from scams and phishing attempts, email- and SMS-based trickery to bypassing 2FA via SIM swapping attacks. Some platform listings aren't dealing with critical stuff, as they are about soccer streaming or food delivery services. Others, however, are more important as they contain data of people who registered on loan platforms.

Platform User Records Alleged Breach Date
DarkThrone 282,825 June 2020
Efun 2.2 million 2020
Fluke 353,321 June 2020
Footters 209,783 June 2020
HomeChef 8 million 2020
JamesDelivery 1.6 million March 2020
KitchHike 115,480 June 2020
KreditPlus 896,170 June 2020
Minted 4.3 million May 2020
Playwings 4.1 million April 2020
Revelo 1.1 million June 2020
Tokopedia 91 million April 2020
Yotepresto 1.4 million June 2020
Zoosk 29.1 million January 2020

In addition to the above, the same data broker is also selling older breaches like those of the Star Tribune, EpicGames, ZyngaPoker, ReverbNation, Wirecard, ClickFunnels, and more. The user information from these data breaches has already been exploited. Still, some value remains, most likely for those looking to distribute spam across millions of valid email addresses.


Source: Bleeping Computer

The ten firms who look like they suffered a security incident that they chose not to disclose haven't responded through any public announcements yet, which is unfortunately quite typical nowadays. Thus, people shouldn't expect to receive a warning from the platforms. If you have an account on the above websites, go ahead and reset your passwords, and do the same on any other online platform that you may be using the same credentials.

Right now, there are so many data breaches going on that it has gotten practically impossible for people even to keep up. Firms are exploiting the rate by which newer breaches steal the news headlines and the lack of concrete data protection laws that would compel them to disclose these incidents, so they are just playing deaf. That said, the user should act more responsibly in taking every precaution that would help secure your data.

For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: