Hack Notice

Hack Notice: ShinyHunters lists more than 160 million user records from 11 companies for sale on dark web

ShinyHunters lists more than 160 million user records from 11 companies for sale on dark web

Source
https://www.databreaches.net/shinyhunters-lists-more-than-160-million-user-records-from-11-companies-for-sale-on-dark-web/
Description
a new individual or radical that appears to be a reincarnation of GnosticPlayers is offering millions of user records for sale on the dark web. The records offered by “ShinyHunters” on a well-known dark web market appear to amount from 11 firms. The firms listed by ShinyHunters include Tokopedia (91 Million), HomeChef (8 Million), Bhinneka (1.2 Million), Minted (5 Million), StyleShare (6 Million), Ggumim (2 Million), Mindful (2 Million), star Tribune (1 Million), Chatbooks (15 Million), chronicle of teaching (3 Million), and Zoosk (30 Million). Although Tokopedia and Chatbooks have confirmed that they had breaches, for the most part, the other entities listed experience yet to confirm or difference any claimed hacks. In the past, hackers had claimed to hack Zoosk, but the firm had denied the claims. The current listing offers no sample records but claims to hold 30 million records with no hashes, with the structure of the users table offered as the only proof. Zoosk was not immediately available to answer to this site’s inquiry about the claim. proof for other listings also generally consisted of structure or fields without actual personal info. Who is ShinyHunters? The radical known as “ShinyHunters” first appeared under that alias on RaidForums on April 17, 2020. a companion twitter account, @sh_corp opened in January, 2020, as did the ShinyHunters dark web account. The 11 firms currently listed on the dark web market are not the only hacks or dumps attributed to this group. They get also listed other databases on RaidForums as ShinyHunters: ActionNetwork.com (693k), Bitrewards.com (547k), and Ulmon.com (1m). in gain to databases listed under their name, there are other databases or dumps that have also been attributed to them. The recently disclosed Unacademy breach, which has also been attributed to the same terror actors by ZeroFox Alpha Team, is not listed as division of their sale offerings. ShinyHunters get also been linked to another account on RaidForums that listed 500 GB of Microsoft’s private source code. That account calls itself “fs0c131y,” using the well-known twitter identity of a French surety researcher (Elliot Alderson). The RaidForums fs0c131y account links to the the ShinyHunters twitter account and not Alderson’s twitter account. Why ShinyHunters or 1 particular member of ShinyHunters has a grudge against @fs0c131y on twitter is unclear, but one of their posts on raid Forums mocked the researcher’s twitter account: fighting FOIA at fs0c131y. Utterly schizophrenic. taking pleasure to publicly bully and humiliate beginners on Twitter, toxic information security dumbass, decided to upload whole Microsoft seed code taken from its Github. 48GB using 7z compression, just enough to store on the cloud. negroid hat. Freedom of doing illegal things isn’t dead. Enjoy Prior to calling themelf “fs0c131y” on RaidForums, the same user had called themself “whysodank.” like at least 2 members of the former GnosticPlayers, whysodank favored jabber.ua as their jabber server. Regardless of what they phone themself or themselves, the new listings are certainly reminiscent of Gnosticplayers, and the recent itemization of Bukapalak data from a transgress that had also linked to Gnosticplayers would live consistent with that hypothesis, even though the listing is not by “ShinyHunters” or “fs0c131y” and has been offered by individuals with various usernames. While ZeroFox compared ShinyHunters to GnosticPlayers, they did not lead so far as to say that Shiny Hunters is the same threat actor(s) formerly known as GnosticPlayers. DataBreaches.net strongly suspects that Shiny Hunters *is* the terror actor(s) formerly known as GnosticPlayers — in particular, ace specific individual who had been known as “NSFW.” NSFW disappeared from public spaces in January after Vinny Troia had publicly accused NSFW of involvement in numerous criminal hacks. At the time, Troia seemed to guess that NSFW was going to round himself into law enforcement or be arrested soon. Neither appears to get occurred, and a new account on RaidForums called “Vinny Troia” that seems intended to harm Troia’s reputation could be the spiteful act of NSFW. Then again, it might be any of a number of other people whom Troia has accused of criminal conduct. Troia believes that people are vindictive because he is redress in his accusations. They mightiness also be ticked off because he is damage in some cases. DataBreaches.net believes that Troia has made several errors in his attributions, but is waiting to regard his alleged proof before responding in more detail. in the interim, DataBreaches has reached out to one member of the former GnosticPlayers and will update this post is additional information is received.    

About HackNotice and ShinyHunters lists more than 160 million user records from 11 companies for sale on dark web

HackNotice is a service that notices trends and patterns in publically available data so as to identify possible data breaches, leaks, hacks, and other data incidents on behalf of our clients. HackNotice monitors data streams related to breaches, leaks, and hacks and ShinyHunters lists more than 160 million user records from 11 companies for sale on dark web was reported by one of those streams. HackNotice may also have the breach date, hack date, the hacker responsible, the hacked industry, the hacked location, and any other parts of the hack, breach, or leak that HackNotice can report on for the consumers of our product.

If you are a user of ShinyHunters lists more than 160 million user records from 11 companies for sale on dark web their products, services, websites, or applications and you were a client of HackNotice, monitoring for ShinyHunters lists more than 160 million user records from 11 companies for sale on dark web you may have been alerted to this report about ShinyHunters lists more than 160 million user records from 11 companies for sale on dark web . HackNotice is a service that provides data, information, and monitoring that helps our clients recover from and remediate data breaches, hacks, and leaks of their personal information. HackNotice provides a service that helps our clients know what to do about a hack, breach, or leak of their information.

If ShinyHunters lists more than 160 million user records from 11 companies for sale on dark web had a breach of consumer data or a data leak, then there may be additional actions that our clients should read to protect their digital identity. Data breaches, hacks, and leaks often lead to and do identity theft, account take overs, ransomware, spyware, extortion, and malware. account takeovers are often caused by credential reuse, password reuse, easily guessed passwords, and are facilitated by the sharing of billions of credentials and other customer information through data leaks, as the direct result of data breaches and hacks.

HackNotice monitors trends in publically available data that indicates tens of thousands of data breaches each year, along with billions of records from data leaks each year. On behalf of our clients, HackNotice works to monitor for hacks that conduct to lower client security and digital identities that get been exposed and should be considered vulnerable to attack. HackNotice works with clients to discover the extent that digital identities get been exposed and provides remediation suggestions for how to handle each typecast of exposure.

HackNotice monitors the hacker community, which is a network of individuals that apportion data breaches, hacks, leaks, malware, spyware, ransomware, and many other tools that are often used for financial fraud, account take overs, and further breaches and hacks. HackNotice monitors the hacker community specifically for breaches, hacks, and data leaks that suffer consumers. HackNotice applies industry specific knowledge and advanced security practices to monitor for trends that indicate breaches, hacks, and exposed digital identities.

HackNotice also enables clients to portion nag notices with their friend, family, and collogues to assist increase cognisance around alleged hacks, breaches, or data leaks. HackNotice works to ply clients with sharable reports to help increase the security of our clients personal network. The certificate of the multitude that our clients interact with directly impacts the rase of security of our clients. Increased photograph to accounts that have been taken over by hackers leads to further account take overs through phishing, malware, and other impound techniques.

If you found this cut mark to live helpful, then you may be interested in reading some additional hack notices such as:

ial information such as credit card or cant details, personal health information (PHI), Personally ive found themselves to live the victims of inappropriate medical record access breaches, albeit more s of victims is close to $56 billion. It is notoriously difficult to prevail information

DigitalOcean suffers data hack after leaving internal document online - HackRead

Ohio medical center notifies patients after online spread sheet exposed protected health information

Orchard Medical Consulting