Sunday, December 29, 2024
HomeComputer SecurityHackers Selling More than 200 Million Stolen Data from Chinese Hotel Chain...

Hackers Selling More than 200 Million Stolen Data from Chinese Hotel Chain in Dark Web

Published on

SIEM as a Service

Hackers advertising and selling more than 200 million highly sensitive data in a Dark web forum that was stolen from the China-based hotel chain.

Initially, researchers believe that the stolen information is only personally identifiable information (PII) of Chinese customer but further analysis helps then to uncovered that the stolen information from other Asian countries as well.

These stolen data belong to one the data breach that reported in last August 29 that exposed up to 130 million PII from Huazhu Hotels Group.

- Advertisement - SIEM as a Service

A Dark web forum that advertises these stolen data for the cost of eight bitcoins that is roughly around  US$58,000.

Advertising Data Amount from Hacked Database Data

Hackers claiming that the First set of stolen data contains various sensitive information including names, mobile phone numbers, email addresses, ID numbers, and residential addresses, among others from 53GB data contain 123 million records.

The second set of data contain 130 million customer ID information such as registered check-in time, customer name, ID number, home address, birthday, and internal ID number from 22.3 GB data.

Third dark web advertisement refers around 240 million records from 66.2GB data which including customer names, room numbers, card numbers, mobile numbers, email addresses, check-in and departure times, and hotel ID numbers.

Apart from this, Buyers and members of the dark web forum specifically request the particular set of data, for example, one of the forum members asked only a female data.

Selling Stolen Data and Compromised Victims are not limited

According to Trend Micro research, The data from the hotel chain is only a portion of what’s being sold in the deep web forum. The following is an example of other stolen data and illicit products we found being sold in the forum:

  1. Student-, hotel-, and financial investment-related PII. This PII included full names, Alipay accounts, WeChat bills, debit card, and other finance-related data.
  2. Banking and ID card information; interestingly, this is sold in the form of pictures of people holding the IDs, likely done as proof of identification.
  3. PII of contestants of a national pageant. The PII included names, physical attributes, and social media accounts.
  4. Stolen Taiwanese and Brazilian credit card data (payment can be sent to the user’s Steam account).
  5. PII of residents in Beijing.
  6. China national passports and other documents.
  7. Personal pictures of young female users in QQ accounts.

Our various research efforts showed that stolen and leaked PII is a staple offering in many cybercriminal underground marketplaces, which makes data privacy and security a must for organizations, Trend Micro said.

Also Read:

Tor Browser for Android – Browse Anonymously on Android Devices

Mobile Spyware Maker mSpy Leaked Millions of Sensitive Data Online in Plain Text

Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Latest articles

AT&T and Verizon Hacked – Salt Typhoon Compromised The Network For High Profiles

AT&T and Verizon Communications, two of America's largest telecommunications providers, have confirmed they were...

Lumma Stealer Attacking Users To Steal Login Credentials From Browsers

Researchers observed Lumma Stealer activity across multiple online samples, including PowerShell scripts and a...

New ‘OtterCookie’ Malware Attacking Software Developers Via Fake Job Offers

Palo Alto Networks reported the Contagious Interview campaign in November 2023, a financially motivated...

NjRat 2.3D Pro Edition Shared on GitHub: A Growing Cybersecurity Concern

The recent discovery of the NjRat 2.3D Professional Edition on GitHub has raised alarms...

API Security Webinar

72 Hours to Audit-Ready API Security

APIs present a unique challenge in this landscape, as risk assessment and mitigation are often hindered by incomplete API inventories and insufficient documentation.

Join Vivek Gopalan, VP of Products at Indusface, in this insightful webinar as he unveils a practical framework for discovering, assessing, and addressing open API vulnerabilities within just 72 hours.

Discussion points

API Discovery: Techniques to identify and map your public APIs comprehensively.
Vulnerability Scanning: Best practices for API vulnerability analysis and penetration testing.
Clean Reporting: Steps to generate a clean, audit-ready vulnerability report within 72 hours.

More like this

A Dark Web Operation Acquiring KYC Details TO Bypass Identity Verification Systems

A major dark web operation dedicated to circumventing KYC (Know Your Customer) procedures, which...

New Research Uncovered Dark Internet Service Providers Used For Hacking

Bulletproof hosting services, a type of dark internet service provider, offer infrastructure to cybercriminals,...

Russia Sentenced Hydra Dark Web Market Developer for Life Time

A Russian court has sentenced Stanislav Moiseyev, believed to be the founder of the...