ShinyHunters Serving up 21 New Compromised Databases - Binary Defense

Break down the business value of Binary Defense services into dollars and cents

Download Report

Threat Watch

Threat Watch ShinyHunters Serving up 21 New Compromised Databases

ShinyHunters Serving up 21 New Compromised Databases

ShinyHunters: ShinyHunters is showing no signs of slowing their slew of attacks anytime soon. Early yesterday, 21 new databases were listed for sale by ShinyHunters on RaidForums. The new collection of victims from the threat group appears to be a random assortment with no unifying pattern among the targets of the now infamous hacker(s). Along with the 21 new databases was another post for the previously breached Tokopedia, which ShinyHunters initially posted for sale in early May. The other 21 sites were a collection of shopping, education, dating, cooking, and technology sites. Along with their listing of all the items for sale was a promise of “new data coming soon.” The complete list of new databases for sale includes catho.com, chatbooks.com, unacademy.com, ck12.org, braingenie (a division of ck12), leafly.com, minted.com, mathway.com, wappalyzer.com, styleshare.kr, bhinneka.com, ggumim.co.kr, homechef.com, startribune.com, indaba, zerista.com, yw.com, jewelry.com, rewardstyle.com, accuradio.com, and zoosk.com.

ANALYST NOTES

ShinyHunters have quickly proven to be extremely capable and built a reputation of leaking only new information that they have obtained themselves. This means that any alleged data breaches from the group should be taken seriously. While nearly all of the stolen databases have the potential for payment card data, Zoosk could possibly prove to be one of the most tempting for criminals. Data breaches from dating services have been a desirable and useful source of information for criminals in recent years. There have been a number of instances over the past several years where criminals have used data stolen from dating services to search out married users and blackmail them for either financial gain or to obtain access to corporate networks. Users who have made use of services on any of these websites are strongly encouraged to change their passwords and monitor activity on their accounts closely. Breaches like these also increase the risk of phishing attacks targeting the sites’ users.