Hacker Steals 34 Million User Records from 17 Companies, Puts for Sale on Hacker Forum!

Data breaches continue to dominate headlines across the world. Despite the growing emphasis on data security, cybercriminals continue to find more advanced ways to breach security defenses and access critical enterprise data.

Recently, a malicious actor has stolen account databases containing an aggregate total of 34 million user records from seventeen companies.

Lately, on October 28, a data breach broker put the stolen user databases of the 17 companies on ‘Hacker Forum’ for sale. The caption read as “Selling exclusive private databases. These databases are fresh and have never been sold before. Limited sales.”

In conversation with BleepingComputer, the seller said they were acting as a broker for the databases and were not responsible for hacking into the seventeen companies.

When asked how the threat actor has gained access to the databases, the seller replied, “Not sure if he wants to disclose.”

The stolen databases for private sale on Hacker Forum will be typically sold at prices ranging from USD 500 to USD 100,000. After some time, the sellers will release the stolen databases for free in the forum to improve the hacker’s ‘street cred.’

List of Companies Experienced the Breach:

As per the details provided by the data breach broker, all of the databases being stolen from the seventeen companies were obtained in 2020.

Geekie.com.br experienced the largest breach, allowing the hacker to steal 8.1 million records. Singapore’s RedMart (1.1 million records) is the most popular company among the 17 affected companies.

The seller revealed that they are selling the RedMart database for USD 1,500.

However, only RedMart, Geekie, and Athletico, among all the 17 companies, have disclosed the data breach, while Wongnai.com informed BleepingComputer that they are investigating the breach.

“Thanks for your inquiry, we were aware of this incident, and our tech team has been investigating this matter,” Wongnai emailed BleepingComputer.

Company Records Exposed User Information Exposed
Geekie.com.br 8.1 million Emails, usernames, names, DoB, gender, mobile numbers, Brazilian CPF numbers, hashed passwords,
Clip.mx 4.7 million Email, phone number
Wongnai.com 4.3 million Email, password md5, IP, Facebook and Twitter ID, names, birthdate, phone, zip
Cermati.com 2.9 million Emails, Bcrypt password, name, address, phone, revenue, bank, tax and ID number, gender, job, company, mother’s maiden name
Everything5pounds.com 2.9 million Emails, name, gender, phone number, hashed passwords
Eatigo.com 2.8 million Email, name, phone, gender, password md5, Facebook ID, and token
Katapult.com 2.2 million Email, password pbkdf2-sha256/unknown, name
Wedmegood.com 1.3 million Email, password sha512, phone, Facebook ID
RedMart 1.1 million Mails, mailing and billing addresses, SHA1 hashed passwords, full name, phone numbers, partial credit cards numbers
Coupontools.com 1 million Email, password bcrypt, name, phone, gender, birthdate
W3layouts.com 789,000 Email, country, city, state, phone, name, password bcrypt, IP
Game24h.vn 779,000 Email, password md5, username, birthdate, name
Invideo.io 571,000 Email, password bcrypt, name, phone
Apps-builder.com 386,000 Email, password md5crypt, IP, name, country
Fantasycruncher.com 227,000 Email, password bcrypt/sha1, username, IP
Athletico.com.br 162,000 Email, password md5, name, CPF, birthdate
Toddycafe.com 129,000 Email, password unknown, name, phone, address

Do You Hold Any Account in These Websites?

If you have an account in one of these hacked websites, make sure to change your account password immediately, irrespective of any breach disclosure alert from the company.

Change Passwords of Accounts

In case you are using the same password for other sites, ensure to change those passwords too.

It is advised to use unique and robust passwords for every website, so any breach at one site will not affect you at the other websites you use.

Contact Us

More Articles: