Threat Watch

Shiny Hunters Group Selling Data Stolen From 11 Different Companies

Last week it was reported that the learning website Unacademy was the victim of a data breach in which 22 million accounts were sold on the Darknet. Now, the “Shiny Hunters” threat group behind that breach and sale has posted user data from a total of 11 different companies for sale. The first collection of stolen data to go up for sale was from Tokopedia, Indonesia’s largest online store, followed by the data from Unacademy. The threat actor then claimed to have breached Microsoft’s GitHub account and leaked files from the company’s private source code repositories. Microsoft has neither confirmed nor denied these allegations. According to the research company Cyble, Shiny Hunters began flooding the criminal marketplace with stolen databases over the weekend. Shiny Hunters has sold or posted for sale information from the following companies:

– Tokopedia
– HomeChef
– Bhinneka
– Minted
– Styleshare
– GGumim
– Mindful
– StarTribune
– ChatBooks
– The Chronicle of Higher Education
– Zoosk

The asking price for each database varies between $1,500 and $2,500 USD.

ANALYST NOTES

According to Bleeping Computer, all of the companies that were listed on the marketplace have been contacted. Not all of the companies have responded, but some have started releasing breach notifications and warning users that they should change their passwords. The details of every breach were not released, but the sample data appears to be new and not reused information. Anyone who has accounts with the aforementioned companies should change their passwords immediately. As a safe practice, new passwords should never be reused across multiple accounts. Anyone who entered payment data into any of the websites should monitor those accounts for fraudulent activity in case that data is included in the sale.

More information can be read here: https://www.bleepingcomputer.com/news/security/hacker-group-floods-dark-web-with-data-stolen-from-11-companies/