“Shiny Hunters” Group Is Selling User Records From 11 Companies on the Dark Web

  • “Shiny Hunters” have put up a massive database of stolen user records for sale on the dark web.
  • The data isn’t worth much, but it is not sold exclusively, so it can reach many malicious actors out there.
  • Most of the affected companies hadn’t disclosed anything about a security incident, so this case is revealing.

The hacking group known as “Shiny Hunters” has put up a massive database for sale on the dark web, consisting of 73.2 million user records belonging to eleven companies. This is the same group of threat actors that published the “Tokopedia” dump at the beginning of the month and that claims to have stolen 500 GB from Microsoft’s private repositories on GitHub last week. Now, the group is selling the following data on the dark web, and the first samples that were analyzed seem to confirm their legitimacy.

| Company | User Records | Price |
|---|---|---|
| Tokopedia | 91 million | $5,000 |
| Homechef | 8 million | $2,500 |
| Bhinneka | 1.2 million | $1,200 |
| Minted | 5 million | $2,500 |
| Styleshare | 6 million | $2,700 |
| Ggumim | 2 million | $1,300 |
| Mindful | 2 million | $1,300 |
| StarTribune | 1 million | $1,100 |
| ChatBooks | 15 million | $3,500 |
| The Chronicle of Higher Education | 3 million | $1,500 |
| Zoosk | 30 million | $500 |

The above comes as a surprise to the affected individuals, as the companies that suffered the breaches either didn’t realize them or chose not to inform their users about the incidents. The first firm to step forward was ChatBooks, a photo print services provider that saw 15 million of its records being sold for $3,500.

[Image: ChatBooks breach note. Source: Bleeping Computer]

According to the company, the hacker who managed to access its systems stole a portion of the user data stored there. It includes Facebook IDs, social media access tokens (no longer active), merchant tokens (no longer valid), and phone numbers. ChatBooks claims to have learned about this on May 5, 2020, and after investigating, they determined that the breach occurred on March 26, 2020. No credit card or payment information was stored in the systems, so nothing of this type has been stolen. Similarly, the users’ photos and personal data were kept safe from the infiltrators.

[Image: ChatBooks data sale listing. Source: Bleeping Computer]

The group is selling the above to anyone who pays for it, meaning there is no limit on how many buyers can purchase the dump using Bitcoin or Monero. One more detail that concerns the ChatBooks dump is that passwords are present in the data, but they are hashed and salted. This doesn’t mean that they are completely secure, but it would require a lot of additional effort from the malicious actors to crack some of them. Most of them won’t even bother, and users will have the time to reset their credentials on ChatBooks and anywhere else that they may be using the same passwords.
