A hazard actor is offering account databases consisting of an overall of 34 million user records that they declare were stolen from seventeen business during information breaches.
This was initially advertised on October 28th by a data breach broker, who developed a new subject on a hacker online forum to offer the stolen user databases for seventeen companies.
” Selling Exclusive personal databases. These databases are fresh and have actually never ever been sold in the past. Minimal sales”
This has gone viral now, questioning what information would be included in this sale?
Who is accountable for the data breaches?
Likewise, according to the Seller, the account databases are the outcomes of data breaches that took place in 2020, but none of the afflicted business have divulged security breaches prior to today.
The Seller has been clear to their point that they were not accountable for hacking into the seventeen business and is only serving as a broker for the databases.
Business and Data which had Supposedly breached in 2020
It is crucial to understand that all of the seventeen databases being offered were obtained in 2020, and information like telephone number, charge card info, email, passwords and SHA256/512, md5crypt and bcrypt passwords, etc are likely to be disclosed.
According to the seller, the following info is exposed per breach:
Geekie.com.br: emails, bcrypt-sha256/ sha512 hashed passwords, usernames, names, DoB, gender, cellphone number, Brazilian CPF numbers
Cermati.com:– e-mails, password bcrypt, name, address, phone, revenue, bank, tax number, id number, gender, task, company, moms maiden name
Katapult.com: email, password pbkdf2-sha256/ unidentified, name
Clip.mx: email, phone
Redmart.lazada.sg: e-mails, SHA1 hashed passwords, mailing and billing addresses, full name, phone numbers, partial credit cards numbers and exp dates
You can follow us on Linkedin, Twitter, Facebook for everyday Cybersecurity and hacking news updates.
Eatigo.com: email, password md5, name, phone, gender, facebook id & & token Wongnai.com: email, password md5, ip, facebook & & twitter id, names, birthdate, phone, zip Toddycafe.com: email, password unknown, name, phone, address Game24h.vn: e-mail, password md5, username, birthdate, name Wedmegood.com: email, password sha512, phone, facebook id W3layouts.com: — email, password bcrypt, ip, country, city, state, phone, name Apps-builder. com: email, password md5crypt, ip, name, nation Invideo.io: e-mail, password bcrypt, name, phone Coupontools.com: e-mail, password bcrypt, name, phone, gender, birthdate Athletico.com.br: email, password md5, name, cpf, birthdate Fantasycruncher.com: email, password bcrypt/sha1, username, ip Much safer Precaution If you are a user of one of these sites, it is recommended to change your password and it is likewise recommended to alter the password of all other sites if you are most likely to be utilizing the exact same password all over.
Everything5pounds.com: e-mails, hashed passwords, name, gender, phone number
Also Read VOIP Service Provider Exposes 350M Customer Records Food Delivery Platform Hacked– More than 400K Customer Impacted
Apps-builder. If you are a user of one of these websites, it is suggested to alter your password and it is likewise a good idea to change the password of all other websites if you are most likely to be utilizing the same password everywhere.
” Selling Exclusive private databases. These databases are fresh and have actually never ever been offered in the past. Limited sales”