A criminal with the pseudonym “Shiny Hunters” started last week to offer free downloads in hacker forums, which are supposed to be sensitive customer data from compromised databases.
As the IT news platform Bleeping Computer reports, the data records can be assigned to 18 companies / services. The data had been checked at random and it was found that the email addresses contained corresponded to existing accounts. In addition, Shiny Hunters is not a blank slate in the “scene”, but has already offered multiple leaked data in the past, the authenticity of which has been confirmed.
Bleeping Computer lists a total of around 386 million user data records. The story platform Wattpad, which alone account for around 270 million data records, is also available in German. heise online / Technology Review dedicated an article to her in 2019:
Many data leaks previously known
Nine of the 18 data leaks were previously known to the public: The confirmed attacks on Chatbooks.com, Dave.com, GGumim.co.kr, Hurb.com, Mathway.com, Promo.com, Swvl.com, TrueFire.com and Wattpad took place between January and July this year. A few days ago, heise reported on the leaks at Dave and Promo online.
The leaked information varies greatly depending on the platform. In some cases, details of public statements can be found:
The nine companies whose compromise was previously unknown – Appen, Drizly, Havenly, Indaba Music, Ivoy, Proctoru, Rewards1, Scentbird and Vakinha – have not yet commented on request. Accordingly, no further details about leaked data or initiated security / defense measures are known.
Change passwords, beware of phishing
In many cases, users should have already been informed by email or by logging into their accounts with the hacked providers. The free accessibility of all data nevertheless creates new risks of misuse. If they have not already done so, those affected potentially should change their passwords as a precaution and, in the event of multiple use, also choose new (different!) Passwords for other services. It is also advisable to pay more attention to possible phishing attempts with confidential data.
Don’t miss any news! With our daily newsletter you will receive all heise online news from the past 24 hours every morning.
Subscribe to the newsletter now
“I’ve made enough money”
The leaks in which “Shiny Hunters” was involved in the recent past – whether as an attacker or “only” as a seller in the Darknet is unclear – include the break-in in Microsoft’s GitHub-1 repository in May 2020 and the data leak at MFM Resorts respectively MGM Grand Hotels.
The gangster had touted his “loot” from the latter incident just a few weeks ago for $ 2,900 in underground forums. He justified his change of heart towards generosity towards Bleeping Computer now having made enough money. Now he is giving away data “for the benefit of all”; he doesn’t care whether previous buyers resent this.
As part of the MGM incident, as heise online reported, a security researcher named Vinny Troia announced on Twitter that he wanted to disclose the identity of Shiny Hunters. What became of it and whether there is a connection to the implied “retirement” of the seller is not known.