The known threat actor ShinyHunters has begun leaking for free the databases of multiple companies on a hacker forum.
A couple of days ago, the popular digital banking app Dave.com disclosed a security breach after ShinyHunters leaked 7,516,625 user records on a crime forum.
In the past months, ShinyHunters made the headlines for selling data of many other organizations, below the complete list published by BleepingComputer:
Company | User Records | Price |
Tokopedia | 91 million | $5,000 |
Homechef | 8 million | $2,500 |
Bhinneka | 1.2 million | $1,200 |
Minted | 5 million | $2,500 |
Styleshare | 6 million | $2,700 |
Ggumim | 2 million | $1,300 |
Mindful | 2 million | $1,300 |
StarTribune | 1 million | $1,100 |
ChatBooks | 15 million | $3,500 |
The Chronicle Of Higher Education | 3 million | $1,500 |
Zoosk | 30 million | $500 |
The group was also involved in the leak of the Promo.com data and the breach of Microsoft private GitHub repository.
The threat actors released nine new databases belonging to several companies, including Havenly, Indaba Music, Ivoy, Proctoru, Rewards1, Scentbird, and Vakinha. The remaining nine databases were already released by ShinyHunters in the past.
BleepingComputer verified the authenticity of some of the exposed data and published the full list of the 18 archives leaked by the threat actor:
Company | User Records | Reported Breach Date | Known? |
Appen.com | 5.8 Million | N/A | No |
Chatbooks.com | 15.8 Million | March 26th, 2020 | Yes |
Dave.com | 7 Million | July 2020 * | Yes |
Drizly.com | 2.4 Million | July 2020 * | No |
GGumim.co.kr | 2.3 Million | March 2020 * | Yes |
Havenly.com | 1.3 Million | June 2020 * | No |
Hurb.com | 20 Million | N/A | Yes |
Indabamusic.com | 475 Thousand | N/A | No |
Ivoy.mx | 127 Thousand | N/A | No |
Mathway.com | 25.8 Million | January 2020 * | Yes |
Proctoru.com | 444 Thousand | N/A | No |
Promo.com | 22 Million | July 2020 | Yes |
Rewards1.com | 3 Million | July 2020 * | No |
Scentbird.com | 5.8 Million | N/A | No |
Swvl.com | 4 Million | N/A | Yes |
TrueFire.com | 602 Thousand | N/A | Yes |
Vakinha.com.br | 4.8 Million | N/A | No |
Wattpad | 270 Million | June 2020 * | Yes |
* Based on threat actor’s statements |
From the samples seen of these databases, BleepingComputer has confirmed that the exposed email addresses correspond to accounts on the services.
The huge trove of data contains over 386 million user records, but only some of them included the user’s password.
Users of the above companies are recommended to change their passwords as soon as possible, they have to change the passwords where they used the same login credentials.
[adrotate banner=”9″] | [adrotate banner=”12″] |
(SecurityAffairs – hacking, ShinyHunters)
[adrotate banner=”5″]
[adrotate banner=”13″]