Pierluigi Paganini January 18, 2021

Experts from Cyble recently found a leak of 500K+ records of C-level people from Capital Economics on a Russian-speaking forum.

During a routine Darkweb monitoring, researchers from Cyble found a leak of 500K+ records of C-level people from Capital Economics on a Russian-speaking forum.

CapitalEconomics.com is one of the leading independent economic research companies in the world that provides macroeconomic, financial market and sectoral forecasts and consultancy.

“Upon analysis of the data, Cyble discovered that there are 500K+ lines of record containing various prominent user profiles.” reads the post published by Cyble.

Leaked records include email IDs, password hashes, addresses, etc.  

Cyble experts informed its clients about this leak, it pointed out that the availability of corporate email IDs could allow threat actors to carry out a broad range of malicious activities.

Cyble recommends people to: 

• Never share personal information, including financial information over phone, email or SMSes. 

• Use strong passwords and enforce multi-factor authentication wherever possible. 
• Regularly monitor your financial transactions, and if you notice any suspicious activity, contact your bank immediately. 
• Turn on the automatic software update feature on your computer, mobile and other connected devices wherever possible and pragmatic. 
• Use a reputed anti-virus and Internet security software package on your connected devices including PC, laptop, and mobile. 
• People who are concerned about their exposure in the Darkweb can register at AmiBreached.com to ascertain their exposure. 
• Refrain from opening untrusted links and email attachments without verifying their authenticity.  

Update Janyary 21, 2021

“Researchers at KELA have shared that this isn’t the first time that the Capital Economics database was leaked. Irina Nesterovsky, Chief Research Officer at KELA said, “It was originally leaked in early January in an English-speaking forum exposing information of nearly 500K people. The second instance we saw it appearing was when an actor tried selling it in another forum claiming that he had a database “for Finance Company Including SQL” with 500K records. Later that day, the same actor leaked the database for free claiming it contained data of more than 500K C-Level executives. KELA confirmed that the same database was shared in all instances. It appears that the “500K C level” title was given to the post in order to boost the importance of the database – the entire size of the relevant user database is around 500K lines, not at all a majority of which are C-Level employees.”

If you want to receive the weekly Security Affairs Newsletter for free subscribe here.

Pierluigi Paganini

(SecurityAffairs – hacking, Capital Economics)

[adrotate banner=”5″]

[adrotate banner=”13″]