ShinyHunters leaked over 386 million user records from 18 companies

Pierluigi Paganini July 28, 2020

ShinyHunters, a trusted threat actor, is offering on a hacker forum the databases stolen from eighteen companies, over 386 million user records available online.

The known threat actor ShinyHunters has begun leaking for free the databases of multiple companies on a hacker forum.

A couple of days ago, the popular digital banking app Dave.com disclosed a security breach after ShinyHunters leaked 7,516,625 user records on a crime forum.

In the past months, ShinyHunters made the headlines for selling data of many other organizations, below the complete list published by BleepingComputer:

CompanyUser RecordsPrice
Tokopedia91 million$5,000
Homechef8 million$2,500
Bhinneka1.2 million$1,200
Minted5 million$2,500
Styleshare6 million$2,700
Ggumim2 million$1,300
Mindful2 million$1,300
StarTribune1 million$1,100
ChatBooks15 million$3,500
The Chronicle Of Higher Education3 million$1,500
Zoosk30 million$500

The group was also involved in the leak of the Promo.com data and the breach of Microsoft private GitHub repository.

The threat actors released nine new databases belonging to several companies, including Havenly, Indaba Music, Ivoy, Proctoru, Rewards1, Scentbird, and Vakinha. The remaining nine databases were already released by ShinyHunters in the past.

BleepingComputer verified the authenticity of some of the exposed data and published the full list of the 18 archives leaked by the threat actor:

CompanyUser RecordsReported Breach DateKnown?
Appen.com5.8 MillionN/ANo
Chatbooks.com15.8 MillionMarch 26th, 2020Yes
Dave.com7 MillionJuly 2020 *Yes
Drizly.com2.4 MillionJuly 2020 *No
GGumim.co.kr2.3 MillionMarch 2020 *Yes
Havenly.com 1.3 MillionJune 2020 *No
Hurb.com20 MillionN/AYes
Indabamusic.com475 ThousandN/ANo
Ivoy.mx127 ThousandN/ANo
Mathway.com25.8 MillionJanuary 2020 *Yes
Proctoru.com444 ThousandN/ANo
Promo.com22 MillionJuly 2020Yes
Rewards1.com3 MillionJuly 2020 *No
Scentbird.com5.8 MillionN/ANo
Swvl.com4 MillionN/AYes
TrueFire.com602 ThousandN/AYes
Vakinha.com.br4.8 MillionN/ANo
Wattpad270 MillionJune 2020 *Yes
* Based on threat actor’s statements

From the samples seen of these databases, BleepingComputer has confirmed that the exposed email addresses correspond to accounts on the services.

The huge trove of data contains over 386 million user records, but only some of them included the user’s password.

Users of the above companies are recommended to change their passwords as soon as possible, they have to change the passwords where they used the same login credentials.

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, ShinyHunters)

[adrotate banner=”5″]

[adrotate banner=”13″]



you might also like

leave a comment