A new shocking report revealed that almost 620 million online account data from 20 famous websites currently hackers selling it in dark web for less than $20,000 in Bitcoin.
Selling data contains account holder names, email addresses, and passwords. These passwords are hashed and some of the other information such as location, personal details, and social media authentication tokens.
Stolen data from following
1.Dubsmash (162 million)
2. MyHeritage (92 million)
3. MyFitnessPal (151 million)
4. ShareThis (41 million)
5. HauteLook (28 million)
6. Animoto (25 million)
7. EyeEm (22 million)
8. 8fit (20 million)
9. Whitepages (18 million
10. Fotolog (16 million)
11. 500px (15 million)
12. Armor Games (11 million)
13. BookMate (8 million)
14. CoffeeMeetsBagel (6 million)
15. Artsy (1 million)
16. DataCamp (700,000).
All these Online Accounts records are stored in multi-gigabyte databases but there is no bank related data such as cards, bank account number are listed in this giant database.
Since the database contains the huge account details, the selling data targeted to the potential buyers such as, spammers, password stealers and credentials in this data based used to perform brute force attacks.
According to the theregister, All of the databases are right now being touted separately by one hacker, who says he or she typically exploited security vulnerabilities within web apps to gain remote-code execution and then extract user account data. The records were swiped mostly during 2018, we’re told, and went on sale this week. report,”
Some of the above-listed websites such as MyHeritage, MyFitnessPal has been already hacked and the data were stolen by the cybercriminals and now all those data has listed here.
A spokesperson for MyHeritage confirms that the data listed in this leak contains their data which was stolen from their server during the period when they suffering the massive data breach in mid of the last year.
“Last week, half a dozen data were listed on Dream Market by the seller: when we spotted them, we alerted Dubsmash, Animoto, EyeEm, 8fit, Fotolog, and 500px that their account data was potentially being touted on the dark web.” Register said.
Largest Dark Web Marketplace Black Hand Shut Down By Authorities