Shiny Hunters: Last week it was reported that the learning website Unacademy was a victim of a data breach in which 22 million accounts were sold on the Darknet. Now, the “Shiny Hunters” threat group behind that breach and sale has posted a total of 11 different companies’ user data for sale. The first collection of stolen data to go up for sale was from Indonesia’s largest online store Tokopedia, followed by the sale of data from Unacademy. These sales were followed by a claim from the threat actor to have breached the GitHub account for Microsoft and leaked files from the company’s private source code repositories. Microsoft has not denied or confirmed these allegations. According to the research company Cyble, Shiny Hunters has begun flooding the criminal marketplace with stolen databases over the weekend. Shiny Hunters have sold or posted information for sale from the following companies:
– Tokopedia
– HomeChef
– Bhinneka
– Minted
– Styleshare
– GGumim
– Mindful
– StarTribune
– ChatBooks
– The Chronicle of Higher Education
– Zoosk
The asking price for each database varies between $1,500 and $2,500 USD.