Hacker Sells 620 Million Customer Details on Dark Web for $20k in Bitcoin
A single seller is offering approximately 620 million stolen customer details on the dark, according to The Register, which says it has been in touch with the seller and the database is genuine. The hacker claims the data was collected in 2018 through remote-code execution attacks after compromising vulnerabilities in web applications.
The account details were stolen following 16 high-profile data breaches including those of MyFitnessPal (151 million), MyHeritage (92 million), EyeEm (22 million) and 500px (15 million). All are for sale at a total price of almost $20,000 in bitcoin. The seller claims the a Dream Market customer has already bought the database.
Here”s the complete list of compromised websites:
- Dubsmash (162 million)
- MyFitnessPal (151 million)
- MyHeritage (92 million)
- ShareThis (41 million)
- HauteLook (28 million)
- Animoto (25 million)
- EyeEm (22 million)
- 8fit (20 million)
- Whitepages (18 million)
- Fotolog (16 million)
- 500px (15 million)
- Armor Games (11 million)
- BookMate (8 million)
- CoffeeMeetsBagel (6 million)
- Artsy (1 million)
- DataCamp (700,000)
The stolen data contains information of interest to spammers and can be used for credential stuffing. This mostly includes names, emails and passwords, occasional personal details, location and social media authentication. No bank details appear to have been compromised. The stolen passwords are hashed, so hackers need to crack them before they use them. Most exposed are people who use weak passwords that can be easily decoded, and reuse them for multiple accounts.
Some of the websites came forward as soon as they were hacked, informed their customers and reset account passwords. In an operation that allegedly goes back to 2012, the seller claims to have 20 databases, but some will not be released online and will instead be kept for private use.
“Security is just an illusion,” the hacker said to The Register. “I started hacking a long time ago. I’m just a tool used by the system. We all know measures are taken to prevent cyberattacks, but with these upcoming dumps, I’ll make hacking easier than ever.”
Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords
October 26, 2021
What are drive-by download attacks and how do you prevent them?
October 25, 2021
Criminals Can't Wait to Add Your IoT Device to Their DDoS Networks
October 22, 2021
Six in 10 Consumers Faced a Cyber Threat in 2021, New Bitdefender Study Reveals
October 20, 2021
What Is a VPN, How Does It Protect Me, and What Cool Perks Does it Offer?
September 23, 2021
Ultimate Privacy Guide for Your Facebook Account
August 31, 2021