“Shiny Hunters” Group Is Selling User Records From 11 Companies on the Dark Web

By Bill Toulas / May 11, 2020

The hacking group known as “Shiny Hunters” has put up a massive database for sale on the dark web, consisting of 73.2 million user records belonging to eleven companies. This is the same group of threat actors that has published the “Tokopedia” dump at the beginning of the month, and those who claim to have stolen 500 GB from Microsoft’s private repositories on GitHub last week. Now, the group is selling the following data on the dark web, and the first samples that were analyzed seem to confirm their legitimacy.

Company User Records Price
Tokopedia 91 million $5,000
Homechef 8 million $2,500
Bhinneka 1.2 million $1,200
Minted 5 million $2,500
Styleshare 6 million $2,700
Ggumim 2 million $1,300
Mindful 2 million $1,300
StarTribune 1 million $1,100
ChatBooks 15 million $3,500
The Chronicle of Higher Education 3 million $1,500
Zoosk 30 million $500

The above bring surprise to the affected individuals, as the companies that suffered the breaches didn’t realize them, or chose not to inform their users about the incidents. The first firm to step forward was ChatBooks, a photo print services provider that saw 15 million of its records being sold for $3,500.


Source: Bleeping Computer

According to the company, the hacker who has managed to access its systems stole a portion of the user data stored there. It includes Facebook IDs, social media access tokens (no longer active), merchant tokens (no longer valid), and phone numbers. ChatBooks claims to have learned about this on May 5, 2020, and after investigating, they figured that the breach occurred on March 26, 2020. No credit card or payment information was stored in the systems, so nothing of this type has been stolen. Similarly, the users’ photos and personal data was kept safe from the infiltrators.


Source: Bleeping Computer

The group is selling the above to anyone who pays for it, meaning there are no limits as to how many can purchase the dump using Bitcoin or Monero. One more detail that concerns the ChatBooks dump is that passwords are present in the data, but they are hashed and salted. This doesn’t mean that they are absolutely secured, but it would require a lot of additional effort from the malicious actors to be able to crack some of them. Most of them won’t even bother, and users will have the time to reset their credentials on ChatBooks and anywhere else that they may be using the same passwords.

For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: Chrome, Edge, Firefox, Safari