ZDNet reported that Shiny Hunters, a hacker group that claims to have stolen more than 91 million user records from ten companies, is selling the data on the dark web market. Last week, Tokopedia, Indonesia’s largest online store, was also invaded by the group. Initially, ShinyHunter leaked 15 million user records on the web “for free”, and then sold the entire database containing 91 million records for $5,000 (the equivalent of selling 73 million user records).
After a taste of the sweetness of selling Tokopedia user records, Shiny Hunters this week posted a database of ten other companies:
Online dating app Zoosk (30 million user records)
Print service Chatbooks (15 million user records)
Korean fashion platform SocialShare (6 million user records)
Home Chef delivery service (8 million user records)
Online Market Minted (5 million user records)
Online media Chronicle of Higher Education (3 million user records)
Korean furniture magazine GGuMim (2 million user records)
Health magazine Mindful (2 million user records)
Indonesia online store Bhinneka (1.2 million user records)
U.S. newspaper StarTribune (1 million user records)
The database is reported to cover a total of 73.2 million user records. Black market buyers can take all of the $18,000 or specify a separate database.
Shiny Hunters also shared sample examples from some of the stolen databases to prove to black market buyers that they were indeed “in stock.”
Although the authenticity of some of the listed databases cannot be verified, Cyble, Nightlion Security, Under Breach, and ZeroFOX, in the cyber security community, consider their credibility to be high.
Some believe Shiny Hunters has some connection to Gnosticplayers, an active hacking group, last year. Because it used to be in almost the same pattern, it peddles credentials for more than 1 billion users in the dark web market.
This week, ZNDet asked the affected companies one by one, but as of the time of writing, chatbooks had responded by email, and the company had officially posted a security vulnerability announcement on its website.