A hacker group named “ShinyHunters” is selling more than 73 million user database records on Dark web. This hacker group is the same group who breached last week Tokopedia, Indonesia’s largest online store. Hackers leaked 15 million user records online for free and then later kept the company’s database of 91 million user records for sale for $5000.
The user databases stolen from organizations are:
- Online dating app Zoosk (30 million user records)
- Printing service Chatbooks (15 million user records)
- South Korean fashion platform SocialShare (6 million user records)
- Food delivery service Home Chef (8 million user records)
- Online marketplace Minted (5 million user records)
- Online newspaper Chronicle of Higher Education (3 million user records)
- South Korean furniture magazine GGuMim (2 million user records)
- Health magazine Mindful (2 million user records)
- Indonesia online store Bhinneka (1.2 million user records)
- US newspaper StarTribune (1 million user records)
The total databases of 73.2 million user records are listed which the hacker is selling for around $18,000.
According to the reports on ZDNet, the hacker group has shared samples from the stolen databases. The ZDNet has verified the legitimate user records, which is for the samples where the user details were given.
The legality of some of the listed databases can’t be verified. As per the sources in the threat the intel community like Nightlion Security, Under the Breach, and ZeroFOX says ShinyHunters is a legitimate threat.
A hacker group which was active last year, Gnosticplayers who sold more than 1 billion user data on the dark web. Some of them believe that the ShinyHunters group has some connection to Gnosticplayers.