A threat actor is selling databases that contain user records for 14 different organizations he claimed were hacked in 2020, only for four of them (HomeChef, Minted, Tokopedia, and Zoosk) were previously reported data breaches.
The list of companies allegedly hacked include food delivery services, soccer streaming services, fashion and game sites, and loans.
The databases contain a total of 132,957,579 user records.
The databases are available for sale on multiple hacker forums, the all includes usernames and hashed passwords.
According to BleepingComputer, the prices for the databases can be as low as $100, while some databases available for sale go for $1,100.
“From samples of user records seen by BleepingComputer, the data breaches look legitimate, but they have not been confirmed directly by the companies.” reported BleepingComputer.
Below the list of database offered for sale by the threat actor.
| Company | # of records | Alleged Breach Date |
| DarkThrone | 282,825 | June 2020 |
| Efun | 2.2 million | 2020 |
| Fluke | 353,321 | June 2020 |
| Footters | 209,783 | June 2020 |
| HomeChef | 8 million | 2020 |
| JamesDelivery | 1.6 million | March 2020 |
| KitchHike | 115,480 | June 2020 |
| KreditPlus | 896,170 | June 2020 |
| Minted | 4.3 million | May 2020 |
| Playwings | 4.1 million | April 2020 |
| Revelo | 1.1 million | June 2020 |
| Tokopedia | 91 million | April 2020 |
| Yotepresto | 1.4 million | June 2020 |
| Zoosk | 29.1 million | January 2020 |
Users of the above websites are recommended to change their passwords on the breached site and on any other site where they used the same credentials.
The availability of this data online poses a serious risk to the users that could be targeted with credential stuffing attacks.
The same threat actor is also selling databases from older breaches including EpicGames, Star Tribune, ZyngaPoker, and Wirecard.
| [adrotate banner=”9″] | [adrotate banner=”12″] |
(SecurityAffairs – hacking, data breaches)
[adrotate banner=”5″]
[adrotate banner=”13″]
Fog ransomware operators used in a May 2025 attack unusual pentesting and monitoring tools, Symantec…
Cyberattack on United Natural Foods Inc. (UNFI) disrupts deliveries, causing Whole Foods shortages nationwide after…
Resecurity researchers found 7.4 million records containing personally identifiable information (PII) of Paraguay citizens on…
Apple confirmed that a security flaw in its Messages app was actively exploited in the…
Trend Micro fixed multiple vulnerabilities that impact its Apex Central and Endpoint Encryption (TMEE) PolicyServer…
Security researchers at Citizen Lab revealed that Paragon's Graphite spyware can hack fully updated iPhones…
This website uses cookies.
