A data breach broker is selling databases containing user information from 14 different companies that were claimed to have been breached in 2020. When companies are breached, threat actors will typically download accessible databases, including user account records, which are then sold to other threat actors directly or via a data breach broker. Over the past month, a known and reputable data breach broker has been selling several databases on hacker forums that they claimed were acquired in 2020. Each of the 14 databases being sold contains different information, but they all include usernames and hashed passwords. The databases for sale contain information from companies providing services such as game sites, food delivery services, soccer streaming, online fashion, and loans. These breached databases are being sold from $100 to $1100. The companies that were allegedly breached are DarkThrone, Efun, Fluke, Footers, HomeChef, James Delivery, KitchHike, KreditPlus, Minted, Playwings, Revelo, Tokopedia, Yotepresto, and Zoosk. The samples appear to be legitimate, according to BleepingComputer, and are a serious concern because they contain a combined total of 132,957,579 user records that can be used for credential stuffing attacks.
Note: this post was originally shared on https://squiblydoo.blog/ by a member of the Binary Defense Team. In