In today’s blog, Hikvision senior director of cybersecurity, Chuck Davis, will cover vulnerabilities related to a security breach of more than 386 million records.
Eighteen Startups Breached
A threat actor recently posted more than 386 million user records online from 18 companies. “Since July 21st, a seller of data breaches known as ShinyHunters has begun leaking the databases for free on a hacker forum known for selling and sharing stolen data,” reported Bleeping Computer.
From the Bleeping Computer article: “ShinyHunters has been involved in or responsible for a wide assortment of data breaches this past year, including Wattpad, Dave, Chatbooks, Promo.com, Mathway, HomeChef, and the breach of Microsoft private GitHub repository. Databases stolen in data breaches usually are privately sold first, with prices ranging between $500 (Zoosk) to $100,000 (Wattpad). Once they are no longer profitable, threat actors commonly release them on hacker forums to increase their community reputation.”
Later on, Bleeping Computer posted an update on the breach collection as more of the startups began disclosing the breaches to the public. You can see these status updates in the following table. Bleeping Computer reported that ShinyHunters released the breached “databases for free to benefit the community and as they already made enough money from selling them in private sales.”