One Million ‘Star Tribune’ Users’ Data Leaked on Dark Web Forums

  • Dark web users are freely sharing the ‘Star Tribune’ user data that was first sold by Shiny Hunters six months ago.
  • That data, along with the set, were protected by bcrypt hashing, so the passwords couldn’t be broken.
  • This makes the data almost worthless for credentials stuffers, but they could still be used in phishing operations.

In May 2020, the notorious data broker “Shiny Hunters” put up a massive database for sale, offering 73.2 million user records from eleven companies. Among them, there was a set of one million user records belonging to ‘Star Tribune,’ the largest newspaper in Minnesota, USA.

That pack had a price of $1,100, and it looks like all of its selling potential has been exhausted now, after almost six months since the pack is now shared for free on popular Russian-speaking forums on the dark web.

Source: CyberNews

The pack that’s being shared is a 900 MB SQL file which contains the following data:

  • Email address
  • Username
  • Hashed passwords
  • Names
  • Dates of Birth
  • Addresses
  • Phone numbers

The newspaper had informed its subscribers that their passwords were encrypted since May, and the hashing algorithm used (bcrypt) is considered to be very strong. Thus, one explanation about the open leak of this data is that there was no value in it for hackers looking to engage in credential stuffing attacks. If you receive any unsolicited messages (email or SMS) making bold or weird claims, ignore them.

Still, having names, email addresses, home addresses, and phone numbers in the set is amazingly useful for scammers and phishing actors, and this is not the kind of data that can be reset like passwords. Also, even though the passwords were stored in a safe format, you should still reset them from anywhere you could be using them and pick something new, unique, and strong.

If you have any questions or concerns about this hack and how it affects you, Star Tribune is open to address them at 612-673-4343 or via email at

In addition to the ‘Star Tribune’ data, the same leaker shared the five million records of the users, consisting of the same type of information. In that case, too, bcrypt was used to hash the user passwords, so this appears to be the common denominator that drops the value of that data down to “freely shareable.”


Recent Articles

How to Watch UFC 257: Poirier vs. McGregor 2 – Live Stream, Start Time, Fight Card, Betting Odds

We're finally getting a rematch between Dustin Poirier and Conor McGregor, a rematch in the making for over six years. UFC 257...

Two Baidu Apps Found to Be Leaking Sensitive User Data

Researchers uncovered what really goes on under the hood of two Baidu apps for Android.The apps are collecting sensitive user and device...

Indian Government Adds Another 43 Chinese Apps on the Blocklist

Another 43 Chinese apps have been added to India’s blocklist, citing reasons of national security.Among the entries of the new set, the...