Data of 18 companies leaked by hackers group ShinyHunters

A group of threat actors is using a hacker forum to publish multiple databases, exposing a total of 386 million user records, information that could have been compromised in incidents of previous data breaches. The hackers, known as ShinyHunters, do not even ask for money for the database.

Cybersecurity experts say ShinyHunters has been involved in multiple data breach incidents, including attacks against Dave, Wattpad, and a GitHub repository. These databases are usually sold privately immediately after the breaches; when cybercriminals have already taken advantage of the sale of this information, the databases are published for free on hacking forums.

Esta imagen tiene un atributo ALT vacío; su nombre de archivo es bleepingcomputer29072020.jpg
SOURCE: BleepingComputer

The databases began to be published on July 21. The first nine were related to nine previously revealed incidents, while the remaining nine are unreported attacks, including firms such as Havenly, Indaba Music, Ivoy, Proctoru, Rewards1, Scentbird and Vakinha.

BleepingComputer analyzed the content of the databases exposed, concluding that the email addresses exposed correspond to accounts in the companies concerned. Although databases do not include passwords associated with filtered email addresses, the information may be useful for some malicious campaigns.

So far none of the companies concerned have commented on the incident. Cybersecurity experts consider low communication to be common when companies suffer data breaches, and it may take even months to speak publicly about these incidents.

Multiple services have been compromised, and experts fear that the list may grow in the following days, so users of any online service are advised to reset their passwords and thus prevent their email accounts from being compromised; remember that the new password should be secure enough and hard to guess. Threat actors could also deploy massive phishing campaigns, so it is recommended to ignore any suspicious-looking emails.